ReactOS 0.4.17-dev-357-ga8f14ff
ldrapi.c
Go to the documentation of this file.
1/*
2 * COPYRIGHT: See COPYING in the top level directory
3 * PROJECT: ReactOS NT User Mode Library
4 * FILE: dll/ntdll/ldr/ldrapi.c
5 * PURPOSE: PE Loader Public APIs
6 * PROGRAMMERS: Alex Ionescu (alex@relsoft.net)
7 * Aleksey Bragin (aleksey@reactos.org)
8 */
9
10/* INCLUDES *****************************************************************/
11
12#include <ntdll.h>
13
14#define NDEBUG
15#include <debug.h>
16
17/* GLOBALS *******************************************************************/
18
19LIST_ENTRY LdrpUnloadHead;
20LONG LdrpLoaderLockAcquisitionCount;
21BOOLEAN LdrpShowRecursiveLoads, LdrpBreakOnRecursiveDllLoads;
22UNICODE_STRING LdrApiDefaultExtension = RTL_CONSTANT_STRING(L".DLL");
23ULONG AlternateResourceModuleCount;
24extern PLDR_MANIFEST_PROBER_ROUTINE LdrpManifestProberRoutine;
25
26/* FUNCTIONS *****************************************************************/
27
28NTSTATUS
29NTAPI
30LdrFindCreateProcessManifest(IN ULONG Flags,
31 IN PVOID Image,
32 IN PVOID IdPath,
33 IN ULONG IdPathLength,
34 IN PVOID OutDataEntry)
35{
36 UNIMPLEMENTED;
37 return STATUS_NOT_IMPLEMENTED;
38}
39
40NTSTATUS
41NTAPI
42LdrDestroyOutOfProcessImage(IN PVOID Image)
43{
44 UNIMPLEMENTED;
45 return STATUS_NOT_IMPLEMENTED;
46}
47
48NTSTATUS
49NTAPI
50LdrCreateOutOfProcessImage(IN ULONG Flags,
51 IN HANDLE ProcessHandle,
52 IN HANDLE DllHandle,
53 IN PVOID Unknown3)
54{
55 UNIMPLEMENTED;
56 return STATUS_NOT_IMPLEMENTED;
57}
58
59NTSTATUS
60NTAPI
61LdrAccessOutOfProcessResource(IN PVOID Unknown,
62 IN PVOID Image,
63 IN PVOID Unknown1,
64 IN PVOID Unknown2,
65 IN PVOID Unknown3)
66{
67 UNIMPLEMENTED;
68 return STATUS_NOT_IMPLEMENTED;
69}
70
71VOID
72NTAPI
73LdrSetDllManifestProber(
74 _In_ PLDR_MANIFEST_PROBER_ROUTINE Routine)
75{
76 LdrpManifestProberRoutine = Routine;
77}
78
79BOOLEAN
80NTAPI
81LdrAlternateResourcesEnabled(VOID)
82{
83 /* ReactOS does not support this */
84 return FALSE;
85}
86
87FORCEINLINE
88ULONG_PTR
89LdrpMakeCookie(VOID)
90{
91 /* Generate a cookie */
92 return (((ULONG_PTR)NtCurrentTeb()->RealClientId.UniqueThread & 0xFFF) << 16) |
93 (_InterlockedIncrement(&LdrpLoaderLockAcquisitionCount) & 0xFFFF);
94}
95
96/*
97 * @implemented
98 */
99NTSTATUS
100NTAPI
101LdrUnlockLoaderLock(
102 _In_ ULONG Flags,
103 _In_opt_ ULONG_PTR Cookie)
104{
105 NTSTATUS Status = STATUS_SUCCESS;
106
107 DPRINT("LdrUnlockLoaderLock(%x %Ix)\n", Flags, Cookie);
108
109 /* Check for valid flags */
110 if (Flags & ~LDR_UNLOCK_LOADER_LOCK_FLAG_RAISE_ON_ERRORS)
111 {
112 /* Flags are invalid, check how to fail */
113 if (Flags & LDR_UNLOCK_LOADER_LOCK_FLAG_RAISE_ON_ERRORS)
114 {
115 /* The caller wants us to raise status */
116 RtlRaiseStatus(STATUS_INVALID_PARAMETER_1);
117 }
118
119 /* A normal failure */
120 return STATUS_INVALID_PARAMETER_1;
121 }
122
123 /* If we don't have a cookie, just return */
124 if (!Cookie) return STATUS_SUCCESS;
125
126 /* Validate the cookie */
127 if ((Cookie & 0xF0000000) ||
128 ((Cookie >> 16) ^ (HandleToUlong(NtCurrentTeb()->RealClientId.UniqueThread) & 0xFFF)))
129 {
130 DPRINT1("LdrUnlockLoaderLock() called with an invalid cookie!\n");
131
132 /* Invalid cookie, check how to fail */
133 if (Flags & LDR_UNLOCK_LOADER_LOCK_FLAG_RAISE_ON_ERRORS)
134 {
135 /* The caller wants us to raise status */
136 RtlRaiseStatus(STATUS_INVALID_PARAMETER_2);
137 }
138
139 /* A normal failure */
140 return STATUS_INVALID_PARAMETER_2;
141 }
142
143 /* Ready to release the lock */
144 if (Flags & LDR_UNLOCK_LOADER_LOCK_FLAG_RAISE_ON_ERRORS)
145 {
146 /* Do a direct leave */
147 RtlLeaveCriticalSection(&LdrpLoaderLock);
148 }
149 else
150 {
151 /* Wrap this in SEH, since we're not supposed to raise */
152 _SEH2_TRY
153 {
154 /* Leave the lock */
155 RtlLeaveCriticalSection(&LdrpLoaderLock);
156 }
157 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
158 {
159 /* We should use the LDR Filter instead */
160 Status = _SEH2_GetExceptionCode();
161 }
162 _SEH2_END;
163 }
164
165 /* All done */
166 return Status;
167}
168
169/*
170 * @implemented
171 */
172NTSTATUS
173NTAPI
174LdrLockLoaderLock(
175 _In_ ULONG Flags,
176 _Out_opt_ PULONG Disposition,
177 _Out_opt_ PULONG_PTR Cookie)
178{
179 NTSTATUS Status = STATUS_SUCCESS;
180 BOOLEAN InInit = LdrpInLdrInit;
181
182 DPRINT("LdrLockLoaderLock(%x %p %p)\n", Flags, Disposition, Cookie);
183
184 /* Zero out the outputs */
185 if (Disposition) *Disposition = LDR_LOCK_LOADER_LOCK_DISPOSITION_INVALID;
186 if (Cookie) *Cookie = 0;
187
188 /* Validate the flags */
189 if (Flags & ~(LDR_LOCK_LOADER_LOCK_FLAG_RAISE_ON_ERRORS |
190 LDR_LOCK_LOADER_LOCK_FLAG_TRY_ONLY))
191 {
192 /* Flags are invalid, check how to fail */
193 if (Flags & LDR_LOCK_LOADER_LOCK_FLAG_RAISE_ON_ERRORS)
194 {
195 /* The caller wants us to raise status */
196 RtlRaiseStatus(STATUS_INVALID_PARAMETER_1);
197 }
198
199 /* A normal failure */
200 return STATUS_INVALID_PARAMETER_1;
201 }
202
203 /* Make sure we got a cookie */
204 if (!Cookie)
205 {
206 /* No cookie check how to fail */
207 if (Flags & LDR_LOCK_LOADER_LOCK_FLAG_RAISE_ON_ERRORS)
208 {
209 /* The caller wants us to raise status */
210 RtlRaiseStatus(STATUS_INVALID_PARAMETER_3);
211 }
212
213 /* A normal failure */
214 return STATUS_INVALID_PARAMETER_3;
215 }
216
217 /* If the flag is set, make sure we have a valid pointer to use */
218 if ((Flags & LDR_LOCK_LOADER_LOCK_FLAG_TRY_ONLY) && !(Disposition))
219 {
220 /* No pointer to return the data to */
221 if (Flags & LDR_LOCK_LOADER_LOCK_FLAG_RAISE_ON_ERRORS)
222 {
223 /* The caller wants us to raise status */
224 RtlRaiseStatus(STATUS_INVALID_PARAMETER_2);
225 }
226
227 /* Fail */
228 return STATUS_INVALID_PARAMETER_2;
229 }
230
231 /* Return now if we are in the init phase */
232 if (InInit) return STATUS_SUCCESS;
233
234 /* Check what locking semantic to use */
235 if (Flags & LDR_LOCK_LOADER_LOCK_FLAG_RAISE_ON_ERRORS)
236 {
237 /* Check if we should enter or simply try */
238 if (Flags & LDR_LOCK_LOADER_LOCK_FLAG_TRY_ONLY)
239 {
240 /* Do a try */
241 if (!RtlTryEnterCriticalSection(&LdrpLoaderLock))
242 {
243 /* It's locked */
244 *Disposition = LDR_LOCK_LOADER_LOCK_DISPOSITION_LOCK_NOT_ACQUIRED;
245 }
246 else
247 {
248 /* It worked */
249 *Disposition = LDR_LOCK_LOADER_LOCK_DISPOSITION_LOCK_ACQUIRED;
250 *Cookie = LdrpMakeCookie();
251 }
252 }
253 else
254 {
255 /* Do a enter */
256 RtlEnterCriticalSection(&LdrpLoaderLock);
257
258 /* See if result was requested */
259 if (Disposition) *Disposition = LDR_LOCK_LOADER_LOCK_DISPOSITION_LOCK_ACQUIRED;
260 *Cookie = LdrpMakeCookie();
261 }
262 }
263 else
264 {
265 /* Wrap this in SEH, since we're not supposed to raise */
266 _SEH2_TRY
267 {
268 /* Check if we should enter or simply try */
269 if (Flags & LDR_LOCK_LOADER_LOCK_FLAG_TRY_ONLY)
270 {
271 /* Do a try */
272 if (!RtlTryEnterCriticalSection(&LdrpLoaderLock))
273 {
274 /* It's locked */
275 *Disposition = LDR_LOCK_LOADER_LOCK_DISPOSITION_LOCK_NOT_ACQUIRED;
276 }
277 else
278 {
279 /* It worked */
280 *Disposition = LDR_LOCK_LOADER_LOCK_DISPOSITION_LOCK_ACQUIRED;
281 *Cookie = LdrpMakeCookie();
282 }
283 }
284 else
285 {
286 /* Do an enter */
287 RtlEnterCriticalSection(&LdrpLoaderLock);
288
289 /* See if result was requested */
290 if (Disposition) *Disposition = LDR_LOCK_LOADER_LOCK_DISPOSITION_LOCK_ACQUIRED;
291 *Cookie = LdrpMakeCookie();
292 }
293 }
294 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
295 {
296 /* We should use the LDR Filter instead */
297 Status = _SEH2_GetExceptionCode();
298 }
299 _SEH2_END;
300 }
301
302 /* Return status */
303 return Status;
304}
305
306/*
307 * @implemented
308 */
309NTSTATUS
310NTAPI
311DECLSPEC_HOTPATCH
312LdrLoadDll(
313 _In_opt_ PWSTR SearchPath,
314 _In_opt_ PULONG DllCharacteristics,
315 _In_ PUNICODE_STRING DllName,
316 _Out_ PVOID *BaseAddress)
317{
318 WCHAR StringBuffer[MAX_PATH];
319 UNICODE_STRING StaticString, DynamicString;
320 BOOLEAN RedirectedDll = FALSE;
321 NTSTATUS Status;
322 ULONG_PTR Cookie;
323 PUNICODE_STRING OldTldDll;
324 PTEB Teb = NtCurrentTeb();
325
326 /* Initialize the strings */
327 RtlInitEmptyUnicodeString(&StaticString, StringBuffer, sizeof(StringBuffer));
328 RtlInitEmptyUnicodeString(&DynamicString, NULL, 0);
329
330 Status = LdrpApplyFileNameRedirection(DllName, &LdrApiDefaultExtension, &StaticString, &DynamicString, &DllName, &RedirectedDll);
331
332 /* Lock the loader lock */
333 LdrLockLoaderLock(LDR_LOCK_LOADER_LOCK_FLAG_RAISE_ON_ERRORS, NULL, &Cookie);
334
335 /* Check if there's a TLD DLL being loaded */
336 OldTldDll = LdrpTopLevelDllBeingLoaded;
337 _SEH2_TRY
338 {
339
340 if (OldTldDll)
341 {
342 /* This is a recursive load, do something about it? */
343 if ((ShowSnaps) || (LdrpShowRecursiveLoads) || (LdrpBreakOnRecursiveDllLoads))
344 {
345 /* Print out debug messages */
346 DPRINT1("[%p, %p] LDR: Recursive DLL Load\n",
347 Teb->RealClientId.UniqueProcess,
348 Teb->RealClientId.UniqueThread);
349 DPRINT1("[%p, %p] Previous DLL being loaded \"%wZ\"\n",
350 Teb->RealClientId.UniqueProcess,
351 Teb->RealClientId.UniqueThread,
352 OldTldDll);
353 DPRINT1("[%p, %p] DLL being requested \"%wZ\"\n",
354 Teb->RealClientId.UniqueProcess,
355 Teb->RealClientId.UniqueThread,
356 DllName);
357
358 /* Was it initializing too? */
359 if (!LdrpCurrentDllInitializer)
360 {
361 DPRINT1("[%p, %p] LDR: No DLL Initializer was running\n",
362 Teb->RealClientId.UniqueProcess,
363 Teb->RealClientId.UniqueThread);
364 }
365 else
366 {
367 DPRINT1("[%p, %p] DLL whose initializer was currently running \"%wZ\"\n",
368 Teb->ClientId.UniqueProcess,
369 Teb->ClientId.UniqueThread,
370 &LdrpCurrentDllInitializer->BaseDllName);
371 }
372 }
373 }
374
375 /* Set this one as the TLD DLL being loaded*/
376 LdrpTopLevelDllBeingLoaded = DllName;
377
378 /* Load the DLL */
379 Status = LdrpLoadDll(RedirectedDll,
380 SearchPath,
381 DllCharacteristics,
382 DllName,
383 BaseAddress,
384 TRUE);
385 if (NT_SUCCESS(Status))
386 {
387 Status = STATUS_SUCCESS;
388 }
389 else if ((Status != STATUS_NO_SUCH_FILE) &&
390 (Status != STATUS_DLL_NOT_FOUND) &&
391 (Status != STATUS_OBJECT_NAME_NOT_FOUND) &&
392 (Status != STATUS_DLL_INIT_FAILED))
393 {
394 DbgPrintEx(DPFLTR_LDR_ID,
395 DPFLTR_WARNING_LEVEL,
396 "LDR: %s - failing because LdrpLoadDll(%wZ) returned status %x\n",
397 __FUNCTION__,
398 DllName,
399 Status);
400 }
401 }
402 _SEH2_FINALLY
403 {
404 /* Restore the old TLD DLL */
405 LdrpTopLevelDllBeingLoaded = OldTldDll;
406
407 /* Release the lock */
408 LdrUnlockLoaderLock(LDR_UNLOCK_LOADER_LOCK_FLAG_RAISE_ON_ERRORS, Cookie);
409 }
410 _SEH2_END;
411
412 /* Do we have a redirect string? */
413 if (DynamicString.Buffer)
414 RtlFreeUnicodeString(&DynamicString);
415
416 /* Return */
417 return Status;
418}
419
420/*
421 * @implemented
422 */
423NTSTATUS
424NTAPI
425LdrFindEntryForAddress(
426 _In_ PVOID Address,
427 _Out_ PLDR_DATA_TABLE_ENTRY *Module)
428{
429 PLIST_ENTRY ListHead, NextEntry;
430 PLDR_DATA_TABLE_ENTRY LdrEntry;
431 PIMAGE_NT_HEADERS NtHeader;
432 PPEB_LDR_DATA Ldr = NtCurrentPeb()->Ldr;
433 ULONG_PTR DllBase, DllEnd;
434
435 DPRINT("LdrFindEntryForAddress(Address %p)\n", Address);
436
437 /* Nothing to do */
438 if (!Ldr) return STATUS_NO_MORE_ENTRIES;
439
440 /* Get the current entry */
441 LdrEntry = Ldr->EntryInProgress;
442 if (LdrEntry)
443 {
444 /* Get the NT Headers */
445 NtHeader = RtlImageNtHeader(LdrEntry->DllBase);
446 if (NtHeader)
447 {
448 /* Get the Image Base */
449 DllBase = (ULONG_PTR)LdrEntry->DllBase;
450 DllEnd = DllBase + NtHeader->OptionalHeader.SizeOfImage;
451
452 /* Check if they match */
453 if (((ULONG_PTR)Address >= DllBase) &&
454 ((ULONG_PTR)Address < DllEnd))
455 {
456 /* Return it */
457 *Module = LdrEntry;
458 return STATUS_SUCCESS;
459 }
460 }
461 }
462
463 /* Loop the module list */
464 ListHead = &Ldr->InMemoryOrderModuleList;
465 NextEntry = ListHead->Flink;
466 while (NextEntry != ListHead)
467 {
468 /* Get the entry and NT Headers */
469 LdrEntry = CONTAINING_RECORD(NextEntry, LDR_DATA_TABLE_ENTRY, InMemoryOrderLinks);
470 NtHeader = RtlImageNtHeader(LdrEntry->DllBase);
471 if (NtHeader)
472 {
473 /* Get the Image Base */
474 DllBase = (ULONG_PTR)LdrEntry->DllBase;
475 DllEnd = DllBase + NtHeader->OptionalHeader.SizeOfImage;
476
477 /* Check if they match */
478 if (((ULONG_PTR)Address >= DllBase) &&
479 ((ULONG_PTR)Address < DllEnd))
480 {
481 /* Return it */
482 *Module = LdrEntry;
483 return STATUS_SUCCESS;
484 }
485
486 /* Next Entry */
487 NextEntry = NextEntry->Flink;
488 }
489 }
490
491 /* Nothing found */
492 DbgPrintEx(DPFLTR_LDR_ID,
493 DPFLTR_WARNING_LEVEL,
494 "LDR: %s() exiting 0x%08lx\n",
495 __FUNCTION__,
496 STATUS_NO_MORE_ENTRIES);
497 return STATUS_NO_MORE_ENTRIES;
498}
499
500/*
501 * @implemented
502 */
503NTSTATUS
504NTAPI
505LdrGetDllHandleEx(
506 _In_ ULONG Flags,
507 _In_opt_ PWSTR DllPath,
508 _In_opt_ PULONG DllCharacteristics,
509 _In_ PUNICODE_STRING DllName,
510 _Out_opt_ PVOID *DllHandle)
511{
512 NTSTATUS Status;
513 PLDR_DATA_TABLE_ENTRY LdrEntry;
514 UNICODE_STRING RedirectName, DynamicString, RawDllName;
515 PUNICODE_STRING pRedirectName, CompareName;
516 PWCHAR p1, p2, p3;
517 BOOLEAN Locked, RedirectedDll;
518 ULONG_PTR Cookie;
519 ULONG LoadFlag, Length;
520
521 /* Initialize the strings */
522 RtlInitEmptyUnicodeString(&DynamicString, NULL, 0);
523 RtlInitEmptyUnicodeString(&RawDllName, NULL, 0);
524 RedirectName = *DllName;
525 pRedirectName = &RedirectName;
526
527 /* Initialize state */
528 RedirectedDll = Locked = FALSE;
529 LdrEntry = NULL;
530 Cookie = 0;
531
532 /* Clear the handle */
533 if (DllHandle) *DllHandle = NULL;
534
535 /* Check for a valid flag combination */
536 if ((Flags & ~(LDR_GET_DLL_HANDLE_EX_PIN | LDR_GET_DLL_HANDLE_EX_UNCHANGED_REFCOUNT)) ||
537 (!DllHandle && !(Flags & LDR_GET_DLL_HANDLE_EX_PIN)))
538 {
539 DPRINT1("Flags are invalid or no DllHandle given\n");
540 Status = STATUS_INVALID_PARAMETER;
541 goto Quickie;
542 }
543
544 /* If not initializing */
545 if (!LdrpInLdrInit)
546 {
547 /* Acquire the lock */
548 Status = LdrLockLoaderLock(0, NULL, &Cookie);
549 if (!NT_SUCCESS(Status)) goto Quickie;
550
551 /* Remember we own it */
552 Locked = TRUE;
553 }
554
555 Status = LdrpApplyFileNameRedirection(
556 pRedirectName, &LdrApiDefaultExtension, NULL, &DynamicString, &pRedirectName, &RedirectedDll);
557 if (!NT_SUCCESS(Status))
558 {
559 DPRINT1("LdrpApplyFileNameRedirection FAILED: (Status 0x%x)\n", Status);
560 goto Quickie;
561 }
562
563 /* Set default failure code */
564 Status = STATUS_DLL_NOT_FOUND;
565
566 /* Use the cache if we can */
567 if (LdrpGetModuleHandleCache)
568 {
569 /* Check if we were redirected */
570 if (RedirectedDll)
571 {
572 /* Check the flag */
573 if (!(LdrpGetModuleHandleCache->Flags & LDRP_REDIRECTED))
574 {
575 goto DontCompare;
576 }
577
578 /* Use the right name */
579 CompareName = &LdrpGetModuleHandleCache->FullDllName;
580 }
581 else
582 {
583 /* Check the flag */
584 if (LdrpGetModuleHandleCache->Flags & LDRP_REDIRECTED)
585 {
586 goto DontCompare;
587 }
588
589 /* Use the right name */
590 CompareName = &LdrpGetModuleHandleCache->BaseDllName;
591 }
592
593 /* Check if the name matches */
594 if (RtlEqualUnicodeString(pRedirectName,
595 CompareName,
596 TRUE))
597 {
598 /* Skip the rest */
599 LdrEntry = LdrpGetModuleHandleCache;
600
601 /* Return success */
602 Status = STATUS_SUCCESS;
603 goto Quickie;
604 }
605 }
606
607DontCompare:
608 /* Find the name without the extension */
609 p1 = pRedirectName->Buffer;
610 p2 = NULL;
611 p3 = &p1[pRedirectName->Length / sizeof(WCHAR)];
612 while (p1 != p3)
613 {
614 if (*p1++ == L'.')
615 {
616 p2 = p1;
617 }
618 else if (*p1 == L'\\')
619 {
620 p2 = NULL;
621 }
622 }
623
624 /* Check if no extension was found or if we got a slash */
625 if (!(p2) || (*p2 == L'\\') || (*p2 == L'/'))
626 {
627 /* Check that we have space to add one */
628 Length = pRedirectName->Length +
629 LdrApiDefaultExtension.Length + sizeof(UNICODE_NULL);
630 if (Length >= UNICODE_STRING_MAX_BYTES)
631 {
632 /* No space to add the extension */
633 Status = STATUS_NAME_TOO_LONG;
634 goto Quickie;
635 }
636
637 /* Setup the string */
638 RawDllName.MaximumLength = Length;
639 ASSERT(Length >= sizeof(UNICODE_NULL));
640 RawDllName.Buffer = RtlAllocateHeap(RtlGetProcessHeap(),
641 0,
642 RawDllName.MaximumLength);
643 if (!RawDllName.Buffer)
644 {
645 Status = STATUS_NO_MEMORY;
646 goto Quickie;
647 }
648
649 /* Copy the string and add extension */
650 RtlCopyUnicodeString(&RawDllName, pRedirectName);
651 RtlAppendUnicodeStringToString(&RawDllName, &LdrApiDefaultExtension);
652 }
653 else
654 {
655 /* Check if there's something in the name */
656 Length = pRedirectName->Length;
657 if (Length)
658 {
659 /* Check and remove trailing period */
660 if (pRedirectName->Buffer[Length / sizeof(WCHAR) - sizeof(ANSI_NULL)] == '.')
661 {
662 /* Decrease the size */
663 pRedirectName->Length -= sizeof(WCHAR);
664 }
665 }
666
667 /* Setup the string */
668 RawDllName.MaximumLength = pRedirectName->Length + sizeof(WCHAR);
669 RawDllName.Buffer = RtlAllocateHeap(RtlGetProcessHeap(),
670 0,
671 RawDllName.MaximumLength);
672 if (!RawDllName.Buffer)
673 {
674 Status = STATUS_NO_MEMORY;
675 goto Quickie;
676 }
677
678 /* Copy the string */
679 RtlCopyUnicodeString(&RawDllName, pRedirectName);
680 }
681
682 /* Display debug string */
683 if (ShowSnaps)
684 {
685 DPRINT1("LDR: LdrGetDllHandleEx, searching for %wZ from %ws\n",
686 &RawDllName,
687 DllPath ? ((ULONG_PTR)DllPath == 1 ? L"" : DllPath) : L"");
688 }
689
690 /* Do the lookup */
691 if (LdrpCheckForLoadedDll(DllPath,
692 &RawDllName,
693 ((ULONG_PTR)DllPath == 1) ? TRUE : FALSE,
694 RedirectedDll,
695 &LdrEntry))
696 {
697 /* Update cached entry */
698 LdrpGetModuleHandleCache = LdrEntry;
699
700 /* Return success */
701 Status = STATUS_SUCCESS;
702 }
703 else
704 {
705 /* Make sure to NULL this */
706 LdrEntry = NULL;
707 }
708Quickie:
709 /* The success path must have a valid loader entry */
710 ASSERT((LdrEntry != NULL) == NT_SUCCESS(Status));
711
712 /* Check if we got an entry and success */
713 DPRINT("Got LdrEntry->BaseDllName %wZ\n", LdrEntry ? &LdrEntry->BaseDllName : NULL);
714 if ((LdrEntry) && (NT_SUCCESS(Status)))
715 {
716 /* Check if the DLL is locked */
717 if ((LdrEntry->LoadCount != 0xFFFF) &&
718 !(Flags & LDR_GET_DLL_HANDLE_EX_UNCHANGED_REFCOUNT))
719 {
720 /* Check what to do with the load count */
721 if (Flags & LDR_GET_DLL_HANDLE_EX_PIN)
722 {
723 /* Pin it */
724 LdrEntry->LoadCount = 0xFFFF;
725 LoadFlag = LDRP_UPDATE_PIN;
726 }
727 else
728 {
729 /* Increase the load count */
730 LdrEntry->LoadCount++;
731 LoadFlag = LDRP_UPDATE_REFCOUNT;
732 }
733
734 /* Update the load count now */
735 LdrpUpdateLoadCount2(LdrEntry, LoadFlag);
736 LdrpClearLoadInProgress();
737 }
738
739 /* Check if the caller is requesting the handle */
740 if (DllHandle) *DllHandle = LdrEntry->DllBase;
741 }
742
743 /* Free string if needed */
744 if (DynamicString.Buffer) RtlFreeUnicodeString(&DynamicString);
745
746 /* Free the raw DLL Name if needed */
747 if (RawDllName.Buffer)
748 {
749 /* Free the heap-allocated buffer */
750 RtlFreeHeap(RtlGetProcessHeap(), 0, RawDllName.Buffer);
751 RawDllName.Buffer = NULL;
752 }
753
754 /* Release lock */
755 if (Locked)
756 {
757 LdrUnlockLoaderLock(LDR_UNLOCK_LOADER_LOCK_FLAG_RAISE_ON_ERRORS,
758 Cookie);
759 }
760
761 /* Return */
762 return Status;
763}
764
765/*
766 * @implemented
767 */
768NTSTATUS
769NTAPI
770LdrGetDllHandle(
771 _In_opt_ PWSTR DllPath,
772 _In_opt_ PULONG DllCharacteristics,
773 _In_ PUNICODE_STRING DllName,
774 _Out_ PVOID *DllHandle)
775{
776 /* Call the newer API */
777 return LdrGetDllHandleEx(LDR_GET_DLL_HANDLE_EX_UNCHANGED_REFCOUNT,
778 DllPath,
779 DllCharacteristics,
780 DllName,
781 DllHandle);
782}
783
784/*
785 * @implemented
786 */
787NTSTATUS
788NTAPI
789LdrGetProcedureAddress(
790 _In_ PVOID BaseAddress,
791 _In_opt_ _When_(Ordinal == 0, _Notnull_) PANSI_STRING Name,
792 _In_opt_ _When_(Name == NULL, _In_range_(>, 0)) ULONG Ordinal,
793 _Out_ PVOID *ProcedureAddress)
794{
795 /* Call the internal routine and tell it to execute DllInit */
796 return LdrpGetProcedureAddress(BaseAddress, Name, Ordinal, ProcedureAddress, TRUE);
797}
798
799NTSTATUS
800NTAPI
801LdrGetProcedureAddressEx(
802 _In_ PVOID BaseAddress,
803 _In_opt_ _When_(Ordinal == 0, _Notnull_) PANSI_STRING Name,
804 _In_opt_ _When_(Name == NULL, _In_range_(>, 0)) ULONG Ordinal,
805 _Out_ PVOID *ProcedureAddress,
806 _In_ ULONG Flags)
807{
808 /* Call the internal routine and execute DllInit depending of flags */
809 BOOLEAN ExecuteInit = !(Flags & LDR_GET_PROCEDURE_ADDRESS_DONT_RECORD_FORWARDER);
810 return LdrpGetProcedureAddress(BaseAddress, Name, Ordinal, ProcedureAddress, ExecuteInit);
811}
812
813/*
814 * @implemented
815 */
816NTSTATUS
817NTAPI
818LdrVerifyImageMatchesChecksum(
819 _In_ HANDLE FileHandle,
820 _In_ PLDR_CALLBACK Callback,
821 _In_ PVOID CallbackContext,
822 _Out_ PUSHORT ImageCharacteristics)
823{
824 FILE_STANDARD_INFORMATION FileStandardInfo;
825 PIMAGE_IMPORT_DESCRIPTOR ImportData;
826 PIMAGE_SECTION_HEADER LastSection = NULL;
827 IO_STATUS_BLOCK IoStatusBlock;
828 PIMAGE_NT_HEADERS NtHeader;
829 HANDLE SectionHandle;
830 SIZE_T ViewSize;
831 PVOID ViewBase;
832 BOOLEAN Result, NoActualCheck;
833 NTSTATUS Status;
834 PVOID ImportName;
835 ULONG Size;
836 DPRINT("LdrVerifyImageMatchesChecksum() called\n");
837
838 /* If the handle has the magic KnownDll flag, skip actual checksums */
839 NoActualCheck = ((ULONG_PTR)FileHandle & 1);
840
841 /* Create the section */
842 Status = NtCreateSection(&SectionHandle,
843 SECTION_MAP_EXECUTE,
844 NULL,
845 NULL,
846 PAGE_EXECUTE,
847 SEC_COMMIT,
848 FileHandle);
849 if (!NT_SUCCESS(Status))
850 {
851 DPRINT1 ("NtCreateSection() failed (Status 0x%x)\n", Status);
852 return Status;
853 }
854
855 /* Map the section */
856 ViewSize = 0;
857 ViewBase = NULL;
858 Status = NtMapViewOfSection(SectionHandle,
859 NtCurrentProcess(),
860 &ViewBase,
861 0,
862 0,
863 NULL,
864 &ViewSize,
865 ViewShare,
866 0,
867 PAGE_EXECUTE);
868 if (!NT_SUCCESS(Status))
869 {
870 DPRINT1("NtMapViewOfSection() failed (Status 0x%x)\n", Status);
871 NtClose(SectionHandle);
872 return Status;
873 }
874
875 /* Get the file information */
876 Status = NtQueryInformationFile(FileHandle,
877 &IoStatusBlock,
878 &FileStandardInfo,
879 sizeof(FILE_STANDARD_INFORMATION),
880 FileStandardInformation);
881 if (!NT_SUCCESS(Status))
882 {
883 DPRINT1("NtMapViewOfSection() failed (Status 0x%x)\n", Status);
884 NtUnmapViewOfSection(NtCurrentProcess(), ViewBase);
885 NtClose(SectionHandle);
886 return Status;
887 }
888
889 /* Protect with SEH */
890 _SEH2_TRY
891 {
892 /* Check if this is the KnownDll hack */
893 if (NoActualCheck)
894 {
895 /* Don't actually do it */
896 Result = TRUE;
897 }
898 else
899 {
900 /* Verify the checksum */
901 Result = LdrVerifyMappedImageMatchesChecksum(ViewBase,
902 FileStandardInfo.EndOfFile.LowPart,
903 FileStandardInfo.EndOfFile.LowPart);
904 }
905
906 /* Check if a callback was supplied */
907 if ((Result) && (Callback))
908 {
909 /* Get the NT Header */
910 NtHeader = RtlImageNtHeader(ViewBase);
911
912 /* Check if caller requested this back */
913 if (ImageCharacteristics)
914 {
915 /* Return to caller */
916 *ImageCharacteristics = NtHeader->FileHeader.Characteristics;
917 }
918
919 /* Get the Import Directory Data */
920 ImportData = RtlImageDirectoryEntryToData(ViewBase,
921 FALSE,
922 IMAGE_DIRECTORY_ENTRY_IMPORT,
923 &Size);
924
925 /* Make sure there is one */
926 if (ImportData)
927 {
928 /* Loop the imports */
929 while (ImportData->Name)
930 {
931 /* Get the name */
932 ImportName = RtlImageRvaToVa(NtHeader,
933 ViewBase,
934 ImportData->Name,
935 &LastSection);
936
937 /* Notify the callback */
938 Callback(CallbackContext, ImportName);
939 ImportData++;
940 }
941 }
942 }
943 }
944 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
945 {
946 /* Fail the request returning STATUS_IMAGE_CHECKSUM_MISMATCH */
947 Result = FALSE;
948 }
949 _SEH2_END;
950
951 /* Unmap file and close handle */
952 NtUnmapViewOfSection(NtCurrentProcess(), ViewBase);
953 NtClose(SectionHandle);
954
955 /* Return status */
956 return Result ? Status : STATUS_IMAGE_CHECKSUM_MISMATCH;
957}
958
959NTSTATUS
960NTAPI
961LdrQueryProcessModuleInformationEx(
962 _In_opt_ ULONG ProcessId,
963 _Reserved_ ULONG Reserved,
964 _Out_writes_bytes_to_(Size, *ReturnedSize) PRTL_PROCESS_MODULES ModuleInformation,
965 _In_ ULONG Size,
966 _Out_opt_ PULONG ReturnedSize)
967{
968 PLIST_ENTRY ModuleListHead, InitListHead;
969 PLIST_ENTRY Entry, InitEntry;
970 PLDR_DATA_TABLE_ENTRY Module, InitModule;
971 PRTL_PROCESS_MODULE_INFORMATION ModulePtr = NULL;
972 NTSTATUS Status = STATUS_SUCCESS;
973 ULONG UsedSize = FIELD_OFFSET(RTL_PROCESS_MODULES, Modules);
974 ANSI_STRING AnsiString;
975 PCHAR p;
976
977 DPRINT("LdrQueryProcessModuleInformation() called\n");
978
979 /* Acquire loader lock */
980 RtlEnterCriticalSection(NtCurrentPeb()->LoaderLock);
981
982 _SEH2_TRY
983 {
984 /* Check if we were given enough space */
985 if (Size < UsedSize)
986 {
987 Status = STATUS_INFO_LENGTH_MISMATCH;
988 }
989 else
990 {
991 ModuleInformation->NumberOfModules = 0;
992 ModulePtr = &ModuleInformation->Modules[0];
993 Status = STATUS_SUCCESS;
994 }
995
996 /* Traverse the list of modules */
997 ModuleListHead = &NtCurrentPeb()->Ldr->InLoadOrderModuleList;
998 Entry = ModuleListHead->Flink;
999
1000 while (Entry != ModuleListHead)
1001 {
1002 Module = CONTAINING_RECORD(Entry, LDR_DATA_TABLE_ENTRY, InLoadOrderLinks);
1003
1004 DPRINT(" Module %wZ\n", &Module->FullDllName);
1005
1006 /* Increase the used size */
1007 UsedSize += sizeof(RTL_PROCESS_MODULE_INFORMATION);
1008
1009 if (UsedSize > Size)
1010 {
1011 Status = STATUS_INFO_LENGTH_MISMATCH;
1012 }
1013 else
1014 {
1015 ModulePtr->ImageBase = Module->DllBase;
1016 ModulePtr->ImageSize = Module->SizeOfImage;
1017 ModulePtr->Flags = Module->Flags;
1018 ModulePtr->LoadCount = Module->LoadCount;
1019 ModulePtr->MappedBase = NULL;
1020 ModulePtr->InitOrderIndex = 0;
1021 ModulePtr->LoadOrderIndex = ModuleInformation->NumberOfModules;
1022
1023 /* Now get init order index by traversing init list */
1024 InitListHead = &NtCurrentPeb()->Ldr->InInitializationOrderModuleList;
1025 InitEntry = InitListHead->Flink;
1026
1027 while (InitEntry != InitListHead)
1028 {
1029 InitModule = CONTAINING_RECORD(InitEntry, LDR_DATA_TABLE_ENTRY, InInitializationOrderLinks);
1030
1031 /* Increase the index */
1032 ModulePtr->InitOrderIndex++;
1033
1034 /* Quit the loop if our module is found */
1035 if (InitModule == Module) break;
1036
1037 /* Advance to the next entry */
1038 InitEntry = InitEntry->Flink;
1039 }
1040
1041 /* Prepare ANSI string with the module's name */
1042 AnsiString.Length = 0;
1043 AnsiString.MaximumLength = sizeof(ModulePtr->FullPathName);
1044 AnsiString.Buffer = ModulePtr->FullPathName;
1045 RtlUnicodeStringToAnsiString(&AnsiString,
1046 &Module->FullDllName,
1047 FALSE);
1048
1049 /* Calculate OffsetToFileName field */
1050 p = strrchr(ModulePtr->FullPathName, '\\');
1051 if (p != NULL)
1052 ModulePtr->OffsetToFileName = p - ModulePtr->FullPathName + 1;
1053 else
1054 ModulePtr->OffsetToFileName = 0;
1055
1056 /* Advance to the next module in the output list */
1057 ModulePtr++;
1058
1059 /* Increase number of modules */
1060 if (ModuleInformation)
1061 ModuleInformation->NumberOfModules++;
1062 }
1063
1064 /* Go to the next entry in the modules list */
1065 Entry = Entry->Flink;
1066 }
1067
1068 /* Set returned size if it was provided */
1069 if (ReturnedSize)
1070 *ReturnedSize = UsedSize;
1071 }
1072 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
1073 {
1074 /* Ignoring the exception */
1075 } _SEH2_END;
1076
1077 /* Release the lock */
1078 RtlLeaveCriticalSection(NtCurrentPeb()->LoaderLock);
1079
1080 DPRINT("LdrQueryProcessModuleInformation() done\n");
1081
1082 return Status;
1083}
1084
1085/*
1086 * @implemented
1087 */
1088NTSTATUS
1089NTAPI
1090LdrQueryProcessModuleInformation(
1091 _Out_writes_bytes_to_(Size, *ReturnedSize) PRTL_PROCESS_MODULES ModuleInformation,
1092 _In_ ULONG Size,
1093 _Out_opt_ PULONG ReturnedSize)
1094{
1095 /* Call Ex version of the API */
1096 return LdrQueryProcessModuleInformationEx(0, 0, ModuleInformation, Size, ReturnedSize);
1097}
1098
1099/*
1100 * @implemented
1101 */
1102NTSTATUS
1103NTAPI
1104LdrEnumerateLoadedModules(
1105 _Reserved_ ULONG ReservedFlag,
1106 _In_ PLDR_ENUM_CALLBACK EnumProc,
1107 _In_opt_ PVOID Context)
1108{
1109 PLIST_ENTRY ListHead, ListEntry;
1110 PLDR_DATA_TABLE_ENTRY LdrEntry;
1111 NTSTATUS Status;
1112 ULONG_PTR Cookie;
1113 BOOLEAN Stop = FALSE;
1114
1115 /* Check parameters */
1116 if ((ReservedFlag) || !(EnumProc)) return STATUS_INVALID_PARAMETER;
1117
1118 /* Acquire the loader lock */
1119 Status = LdrLockLoaderLock(0, NULL, &Cookie);
1120 if (!NT_SUCCESS(Status)) return Status;
1121
1122 /* Loop all the modules and call enum proc */
1123 ListHead = &NtCurrentPeb()->Ldr->InLoadOrderModuleList;
1124 ListEntry = ListHead->Flink;
1125 while (ListHead != ListEntry)
1126 {
1127 /* Get the entry */
1128 LdrEntry = CONTAINING_RECORD(ListEntry, LDR_DATA_TABLE_ENTRY, InLoadOrderLinks);
1129
1130 /* Call the enumeration proc inside SEH */
1131 _SEH2_TRY
1132 {
1133 EnumProc(LdrEntry, Context, &Stop);
1134 }
1135 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
1136 {
1137 /* Ignoring the exception */
1138 } _SEH2_END;
1139
1140 /* Break if we were asked to stop enumeration */
1141 if (Stop)
1142 {
1143 break;
1144 }
1145
1146 /* Advance to the next module */
1147 ListEntry = ListEntry->Flink;
1148 }
1149
1150 /* Release loader lock */
1151 Status = LdrUnlockLoaderLock(0, Cookie);
1152 ASSERT(NT_SUCCESS(Status));
1153
1154 /* Reset any successful status to STATUS_SUCCESS,
1155 * but leave failure to the caller */
1156 if (NT_SUCCESS(Status))
1157 Status = STATUS_SUCCESS;
1158
1159 /* Return any possible failure status */
1160 return Status;
1161}
1162
1163/*
1164 * @implemented
1165 */
1166NTSTATUS
1167NTAPI
1168LdrDisableThreadCalloutsForDll(
1169 _In_ PVOID BaseAddress)
1170{
1171 PLDR_DATA_TABLE_ENTRY LdrEntry;
1172 NTSTATUS Status;
1173 BOOLEAN LockHeld;
1174 ULONG_PTR Cookie;
1175 DPRINT("LdrDisableThreadCalloutsForDll (BaseAddress %p)\n", BaseAddress);
1176
1177 /* Don't do it during shutdown */
1178 if (LdrpShutdownInProgress) return STATUS_SUCCESS;
1179
1180 /* Check if we should grab the lock */
1181 LockHeld = FALSE;
1182 if (!LdrpInLdrInit)
1183 {
1184 /* Grab the lock */
1185 Status = LdrLockLoaderLock(0, NULL, &Cookie);
1186 if (!NT_SUCCESS(Status)) return Status;
1187 LockHeld = TRUE;
1188 }
1189
1190 /* Make sure the DLL is valid and get its entry */
1191 Status = STATUS_DLL_NOT_FOUND;
1192 if (LdrpCheckForLoadedDllHandle(BaseAddress, &LdrEntry))
1193 {
1194 /* Get if it has a TLS slot */
1195 if (!LdrEntry->TlsIndex)
1196 {
1197 /* It doesn't, so you're allowed to call this */
1198 LdrEntry->Flags |= LDRP_DONT_CALL_FOR_THREADS;
1199 Status = STATUS_SUCCESS;
1200 }
1201 }
1202
1203 /* Check if the lock was held */
1204 if (LockHeld)
1205 {
1206 /* Release it */
1207 LdrUnlockLoaderLock(LDR_UNLOCK_LOADER_LOCK_FLAG_RAISE_ON_ERRORS, Cookie);
1208 }
1209
1210 /* Return the status */
1211 return Status;
1212}
1213
1214/*
1215 * @implemented
1216 */
1217NTSTATUS
1218NTAPI
1219LdrAddRefDll(
1220 _In_ ULONG Flags,
1221 _In_ PVOID BaseAddress)
1222{
1223 PLDR_DATA_TABLE_ENTRY LdrEntry;
1224 NTSTATUS Status = STATUS_SUCCESS;
1225 ULONG_PTR Cookie;
1226 BOOLEAN Locked = FALSE;
1227
1228 /* Check for invalid flags */
1229 if (Flags & ~(LDR_ADDREF_DLL_PIN))
1230 {
1231 /* Fail with invalid parameter status if so */
1232 Status = STATUS_INVALID_PARAMETER;
1233 goto quickie;
1234 }
1235
1236 /* Acquire the loader lock if not in init phase */
1237 if (!LdrpInLdrInit)
1238 {
1239 /* Acquire the lock */
1240 Status = LdrLockLoaderLock(0, NULL, &Cookie);
1241 if (!NT_SUCCESS(Status)) goto quickie;
1242 Locked = TRUE;
1243 }
1244
1245 /* Get this module's data table entry */
1246 if (LdrpCheckForLoadedDllHandle(BaseAddress, &LdrEntry))
1247 {
1248 if (!LdrEntry)
1249 {
1250 /* Shouldn't happen */
1251 Status = STATUS_INTERNAL_ERROR;
1252 goto quickie;
1253 }
1254
1255 /* If this is not a pinned module */
1256 if (LdrEntry->LoadCount != 0xFFFF)
1257 {
1258 /* Update its load count */
1259 if (Flags & LDR_ADDREF_DLL_PIN)
1260 {
1261 /* Pin it by setting load count to -1 */
1262 LdrEntry->LoadCount = 0xFFFF;
1263 LdrpUpdateLoadCount2(LdrEntry, LDRP_UPDATE_PIN);
1264 }
1265 else
1266 {
1267 /* Increase its load count by one */
1268 LdrEntry->LoadCount++;
1269 LdrpUpdateLoadCount2(LdrEntry, LDRP_UPDATE_REFCOUNT);
1270 }
1271
1272 /* Clear load in progress */
1273 LdrpClearLoadInProgress();
1274 }
1275 }
1276 else
1277 {
1278 /* There was an error getting this module's handle, return invalid param status */
1279 Status = STATUS_INVALID_PARAMETER;
1280 }
1281
1282quickie:
1283 /* Check for error case */
1284 if (!NT_SUCCESS(Status))
1285 {
1286 /* Print debug information */
1287 if ((ShowSnaps) || ((Status != STATUS_NO_SUCH_FILE) &&
1288 (Status != STATUS_DLL_NOT_FOUND) &&
1289 (Status != STATUS_OBJECT_NAME_NOT_FOUND)))
1290 {
1291 DPRINT1("LDR: LdrAddRefDll(%p) 0x%08lx\n", BaseAddress, Status);
1292 }
1293 }
1294
1295 /* Release the lock if needed */
1296 if (Locked) LdrUnlockLoaderLock(LDR_UNLOCK_LOADER_LOCK_FLAG_RAISE_ON_ERRORS, Cookie);
1297 return Status;
1298}
1299
1300/*
1301 * @implemented
1302 */
1303NTSTATUS
1304NTAPI
1305LdrUnloadDll(
1306 _In_ PVOID BaseAddress)
1307{
1308 NTSTATUS Status = STATUS_SUCCESS;
1309 PPEB Peb = NtCurrentPeb();
1310 PLDR_DATA_TABLE_ENTRY LdrEntry, CurrentEntry;
1311 PVOID EntryPoint;
1312 PLIST_ENTRY NextEntry;
1313 LIST_ENTRY UnloadList;
1314 RTL_CALLER_ALLOCATED_ACTIVATION_CONTEXT_STACK_FRAME_EXTENDED ActCtx;
1315 PVOID CorImageData;
1316 ULONG ComSectionSize;
1317
1318 /* Get the LDR Lock */
1319 if (!LdrpInLdrInit) RtlEnterCriticalSection(Peb->LoaderLock);
1320
1321 /* Increase the unload count */
1322 LdrpActiveUnloadCount++;
1323
1324 /* Skip unload */
1325 if (LdrpShutdownInProgress) goto Quickie;
1326
1327 /* Make sure the DLL is valid and get its entry */
1328 if (!LdrpCheckForLoadedDllHandle(BaseAddress, &LdrEntry))
1329 {
1330 Status = STATUS_DLL_NOT_FOUND;
1331 goto Quickie;
1332 }
1333
1334 /* Check the current Load Count */
1335 if (LdrEntry->LoadCount != 0xFFFF)
1336 {
1337 /* Decrease it */
1338 LdrEntry->LoadCount--;
1339
1340 /* If it's a dll */
1341 if (LdrEntry->Flags & LDRP_IMAGE_DLL)
1342 {
1343 /* Set up the Act Ctx */
1344 ActCtx.Size = sizeof(ActCtx);
1345 ActCtx.Format = RTL_CALLER_ALLOCATED_ACTIVATION_CONTEXT_STACK_FRAME_FORMAT_WHISTLER;
1346 RtlZeroMemory(&ActCtx.Frame, sizeof(RTL_ACTIVATION_CONTEXT_STACK_FRAME));
1347
1348 /* Activate the ActCtx */
1349 RtlActivateActivationContextUnsafeFast(&ActCtx,
1350 LdrEntry->EntryPointActivationContext);
1351
1352 /* Update the load count */
1353 LdrpUpdateLoadCount2(LdrEntry, LDRP_UPDATE_DEREFCOUNT);
1354
1355 /* Release the context */
1356 RtlDeactivateActivationContextUnsafeFast(&ActCtx);
1357 }
1358 }
1359 else
1360 {
1361 /* The DLL is locked */
1362 goto Quickie;
1363 }
1364
1365 /* Show debug message */
1366 if (ShowSnaps) DPRINT1("LDR: UNINIT LIST\n");
1367
1368 /* Check if this is our only unload and initialize the list if so */
1369 if (LdrpActiveUnloadCount == 1) InitializeListHead(&LdrpUnloadHead);
1370
1371 /* Loop the modules to build the list */
1372 NextEntry = Peb->Ldr->InInitializationOrderModuleList.Blink;
1373 while (NextEntry != &Peb->Ldr->InInitializationOrderModuleList)
1374 {
1375 /* Get the entry */
1376 LdrEntry = CONTAINING_RECORD(NextEntry,
1377 LDR_DATA_TABLE_ENTRY,
1378 InInitializationOrderLinks);
1379 NextEntry = NextEntry->Blink;
1380
1381 /* Remove flag */
1382 LdrEntry->Flags &= ~LDRP_UNLOAD_IN_PROGRESS;
1383
1384 /* If the load count is now 0 */
1385 if (!LdrEntry->LoadCount)
1386 {
1387 /* Show message */
1388 if (ShowSnaps)
1389 {
1390 DPRINT1("(%lu) [%ws] %ws (%lx) deinit %p\n",
1391 LdrpActiveUnloadCount,
1392 LdrEntry->BaseDllName.Buffer,
1393 LdrEntry->FullDllName.Buffer,
1394 (ULONG)LdrEntry->LoadCount,
1395 LdrEntry->EntryPoint);
1396 }
1397
1398 /* Call Shim Engine and notify */
1399 if (g_ShimsEnabled)
1400 {
1401 VOID (NTAPI* SE_DllUnloaded)(PVOID) = RtlDecodeSystemPointer(g_pfnSE_DllUnloaded);
1402 SE_DllUnloaded(LdrEntry);
1403 }
1404
1405 /* Unlink it */
1406 CurrentEntry = LdrEntry;
1407 RemoveEntryList(&CurrentEntry->InInitializationOrderLinks);
1408 RemoveEntryList(&CurrentEntry->InMemoryOrderLinks);
1409 RemoveEntryList(&CurrentEntry->HashLinks);
1410
1411 /* If there's more then one active unload */
1412 if (LdrpActiveUnloadCount > 1)
1413 {
1414 /* Flush the cached DLL handle and clear the list */
1415 LdrpLoadedDllHandleCache = NULL;
1416 CurrentEntry->InMemoryOrderLinks.Flink = NULL;
1417 }
1418
1419 /* Add the entry on the unload list */
1420 InsertTailList(&LdrpUnloadHead, &CurrentEntry->HashLinks);
1421 }
1422 }
1423
1424 /* Only call the entrypoints once */
1425 if (LdrpActiveUnloadCount > 1) goto Quickie;
1426
1427 /* Now loop the unload list and create our own */
1428 InitializeListHead(&UnloadList);
1429 CurrentEntry = NULL;
1430 NextEntry = LdrpUnloadHead.Flink;
1431 while (NextEntry != &LdrpUnloadHead)
1432 {
1433 /* Get the current entry */
1434 LdrEntry = CONTAINING_RECORD(NextEntry, LDR_DATA_TABLE_ENTRY, HashLinks);
1435
1436 LdrpRecordUnloadEvent(LdrEntry);
1437
1438 /* Set the entry and clear it from the list */
1439 CurrentEntry = LdrEntry;
1440 LdrpLoadedDllHandleCache = NULL;
1441 CurrentEntry->InMemoryOrderLinks.Flink = NULL;
1442
1443 /* Move it from the global to the local list */
1444 RemoveEntryList(&CurrentEntry->HashLinks);
1445 InsertTailList(&UnloadList, &CurrentEntry->HashLinks);
1446
1447 /* Get the entrypoint */
1448 EntryPoint = LdrEntry->EntryPoint;
1449
1450 /* Check if we should call it */
1451 if ((EntryPoint) && (LdrEntry->Flags & LDRP_PROCESS_ATTACH_CALLED))
1452 {
1453 /* Show message */
1454 if (ShowSnaps)
1455 {
1456 DPRINT1("LDR: Calling deinit %p\n", EntryPoint);
1457 }
1458
1459 /* Set up the Act Ctx */
1460 ActCtx.Size = sizeof(ActCtx);
1461 ActCtx.Format = RTL_CALLER_ALLOCATED_ACTIVATION_CONTEXT_STACK_FRAME_FORMAT_WHISTLER;
1462 RtlZeroMemory(&ActCtx.Frame, sizeof(RTL_ACTIVATION_CONTEXT_STACK_FRAME));
1463
1464 /* Activate the ActCtx */
1465 RtlActivateActivationContextUnsafeFast(&ActCtx,
1466 LdrEntry->EntryPointActivationContext);
1467
1468 /* Call the entrypoint */
1469 _SEH2_TRY
1470 {
1471 LdrpCallInitRoutine(LdrEntry->EntryPoint,
1472 LdrEntry->DllBase,
1473 DLL_PROCESS_DETACH,
1474 NULL);
1475 }
1476 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
1477 {
1478 DPRINT1("WARNING: Exception 0x%x during LdrpCallInitRoutine(DLL_PROCESS_DETACH) for %wZ\n",
1479 _SEH2_GetExceptionCode(), &LdrEntry->BaseDllName);
1480 }
1481 _SEH2_END;
1482
1483 /* Release the context */
1484 RtlDeactivateActivationContextUnsafeFast(&ActCtx);
1485 }
1486
1487 /* Remove it from the list */
1488 RemoveEntryList(&CurrentEntry->InLoadOrderLinks);
1489 CurrentEntry = NULL;
1490 NextEntry = LdrpUnloadHead.Flink;
1491 }
1492
1493 /* Now loop our local list */
1494 NextEntry = UnloadList.Flink;
1495 while (NextEntry != &UnloadList)
1496 {
1497 /* Get the entry */
1498 LdrEntry = CONTAINING_RECORD(NextEntry, LDR_DATA_TABLE_ENTRY, HashLinks);
1499 NextEntry = NextEntry->Flink;
1500 CurrentEntry = LdrEntry;
1501
1502 /* Notify Application Verifier */
1503 if (Peb->NtGlobalFlag & FLG_HEAP_ENABLE_TAIL_CHECK)
1504 {
1505 AVrfDllUnloadNotification(LdrEntry);
1506 }
1507
1508 /* Show message */
1509 if (ShowSnaps)
1510 {
1511 DPRINT1("LDR: Unmapping [%ws]\n", LdrEntry->BaseDllName.Buffer);
1512 }
1513
1514#if (_WIN32_WINNT >= _WIN32_WINNT_VISTA) || (DLL_EXPORT_VERSION >= _WIN32_WINNT_VISTA)
1515 /* Send shutdown notification */
1516 LdrpSendDllNotifications(CurrentEntry, LDR_DLL_NOTIFICATION_REASON_UNLOADED);
1517#endif
1518
1519 /* Check if this is a .NET executable */
1520 CorImageData = RtlImageDirectoryEntryToData(LdrEntry->DllBase,
1521 TRUE,
1522 IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR,
1523 &ComSectionSize);
1524 if (CorImageData)
1525 {
1526 /* FIXME */
1527 DPRINT1(".NET Images are not supported yet\n");
1528 }
1529
1530 /* Check if we should unmap*/
1531 if (!(CurrentEntry->Flags & LDR_COR_OWNS_UNMAP))
1532 {
1533 /* Unmap the DLL */
1534 Status = NtUnmapViewOfSection(NtCurrentProcess(),
1535 CurrentEntry->DllBase);
1536 ASSERT(NT_SUCCESS(Status));
1537 }
1538
1539 /* Unload the alternate resource module, if any */
1540 LdrUnloadAlternateResourceModule(CurrentEntry->DllBase);
1541
1542 /* Check if a Hotpatch is active */
1543 if (LdrEntry->PatchInformation)
1544 {
1545 /* FIXME */
1546 DPRINT1("We don't support Hotpatching yet\n");
1547 }
1548
1549 /* Deallocate the Entry */
1550 LdrpFinalizeAndDeallocateDataTableEntry(CurrentEntry);
1551
1552 /* If this is the cached entry, invalidate it */
1553 if (LdrpGetModuleHandleCache == CurrentEntry)
1554 {
1555 LdrpGetModuleHandleCache = NULL;
1556 }
1557 }
1558
1559Quickie:
1560 /* Decrease unload count */
1561 LdrpActiveUnloadCount--;
1562 if (!LdrpInLdrInit) RtlLeaveCriticalSection(Peb->LoaderLock);
1563
1564 /* Return to caller */
1565 return Status;
1566}
1567
1568/*
1569 * @implemented
1570 */
1571BOOLEAN
1572NTAPI
1573RtlDllShutdownInProgress(VOID)
1574{
1575 /* Return the internal global */
1576 return LdrpShutdownInProgress;
1577}
1578
1579/*
1580 * @implemented
1581 */
1582PIMAGE_BASE_RELOCATION
1583NTAPI
1584LdrProcessRelocationBlock(
1585 _In_ ULONG_PTR Address,
1586 _In_ ULONG Count,
1587 _In_ PUSHORT TypeOffset,
1588 _In_ LONG_PTR Delta)
1589{
1590 return LdrProcessRelocationBlockLongLong(Address, Count, TypeOffset, Delta);
1591}
1592
1593/*
1594 * @implemented
1595 */
1596NTSTATUS
1597NTAPI
1598LdrLoadAlternateResourceModule(
1599 _In_ PVOID Module,
1600 _In_ PWSTR Buffer)
1601{
1602 /* Is MUI Support enabled? */
1603 if (!LdrAlternateResourcesEnabled()) return STATUS_SUCCESS;
1604
1605 UNIMPLEMENTED;
1606 return STATUS_MUI_FILE_NOT_FOUND;
1607}
1608
1609/*
1610 * @implemented
1611 */
1612BOOLEAN
1613NTAPI
1614LdrUnloadAlternateResourceModule(
1615 _In_ PVOID BaseAddress)
1616{
1617 ULONG_PTR Cookie;
1618
1619 /* Acquire the loader lock */
1620 LdrLockLoaderLock(LDR_LOCK_LOADER_LOCK_FLAG_RAISE_ON_ERRORS, NULL, &Cookie);
1621
1622 /* Check if there's any alternate resources loaded */
1623 if (AlternateResourceModuleCount)
1624 {
1625 UNIMPLEMENTED;
1626 }
1627
1628 /* Release the loader lock */
1629 LdrUnlockLoaderLock(LDR_UNLOCK_LOADER_LOCK_FLAG_RAISE_ON_ERRORS, Cookie);
1630
1631 /* All done */
1632 return TRUE;
1633}
1634
1635/*
1636 * @unimplemented
1637 */
1638BOOLEAN
1639NTAPI
1640LdrFlushAlternateResourceModules(VOID)
1641{
1642 UNIMPLEMENTED;
1643 return FALSE;
1644}
1645
1646/*
1647 * @unimplemented
1648 * See https://web.archive.org/web/20231210142610/https://kernelmode.info/forum/viewtopic3973.html?t=991
1649 */
1650NTSTATUS
1651NTAPI
1652LdrSetAppCompatDllRedirectionCallback(
1653 _In_ ULONG Flags,
1654 _In_ PLDR_APP_COMPAT_DLL_REDIRECTION_CALLBACK_FUNCTION CallbackFunction,
1655 _In_opt_ PVOID CallbackData)
1656{
1657 UNIMPLEMENTED;
1658 return STATUS_NOT_IMPLEMENTED;
1659}
1660
1661BOOLEAN
1662NTAPI
1663LdrInitShimEngineDynamic(IN PVOID BaseAddress)
1664{
1665 ULONG_PTR Cookie;
1666 NTSTATUS Status = LdrLockLoaderLock(0, NULL, &Cookie);
1667 if (NT_SUCCESS(Status))
1668 {
1669 if (!g_pShimEngineModule)
1670 {
1671 g_pShimEngineModule = BaseAddress;
1672 LdrpGetShimEngineInterface();
1673 }
1674 LdrUnlockLoaderLock(0, Cookie);
1675 return TRUE;
1676 }
1677 return FALSE;
1678}
1679
1680/* EOF */
NtUnmapViewOfSection
NTSTATUS NTAPI NtUnmapViewOfSection(IN HANDLE ProcessHandle, IN PVOID BaseAddress)
Definition: section.c:3498
NtCreateSection
NTSTATUS NTAPI NtCreateSection(OUT PHANDLE SectionHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, IN PLARGE_INTEGER MaximumSize OPTIONAL, IN ULONG SectionPageProtection OPTIONAL, IN ULONG AllocationAttributes, IN HANDLE FileHandle OPTIONAL)
Definition: section.c:3090
NtMapViewOfSection
NTSTATUS NTAPI NtMapViewOfSection(_In_ HANDLE SectionHandle, _In_ HANDLE ProcessHandle, _Outptr_result_bytebuffer_(*ViewSize) _Pre_valid_ PVOID *BaseAddress, _In_ ULONG_PTR ZeroBits, _In_ SIZE_T CommitSize, _Inout_opt_ PLARGE_INTEGER SectionOffset, _Inout_ PSIZE_T ViewSize, _In_range_(ViewShare, ViewUnmap) SECTION_INHERIT InheritDisposition, _In_ ULONG AllocationType, _In_ ULONG Win32Protect)
Definition: section.c:3271
NtCurrentPeb
#define NtCurrentPeb()
Definition: FLS.c:22
StaticString
IN PUNICODE_STRING StaticString
Definition: RtlGetFullPathName_UstrEx.c:29
DynamicString
IN PUNICODE_STRING IN PUNICODE_STRING DynamicString
Definition: RtlGetFullPathName_UstrEx.c:30
ReturnedSize
ULONG ReturnedSize
Definition: RtlUnicodeToOemN.c:18
EnumProc
static BOOL CALLBACK EnumProc(_In_ HWND hWnd, _In_ LPARAM lParam)
Definition: SetParent.c:53
DECLSPEC_HOTPATCH
#define DECLSPEC_HOTPATCH
Definition: _mingw.h:240
VOID
#define VOID
Definition: acefi.h:82
BOOLEAN
unsigned char BOOLEAN
Definition: actypes.h:127
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
DPRINT1
#define DPRINT1
Definition: precomp.h:8
CompareName
static BOOL CompareName(LPCWSTR pszName1, LPCWSTR pszName2)
Definition: find.c:60
HandleToUlong
#define HandleToUlong(h)
Definition: basetsd.h:73
UNIMPLEMENTED
#define UNIMPLEMENTED
Definition: ntoskrnl.c:15
RtlAllocateHeap
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:616
RtlFreeHeap
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:634
Buffer
Definition: bufpool.h:45
Unknown3
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES IN DWORD Unknown3
Definition: conport.c:37
STATUS_NO_MEMORY
#define STATUS_NO_MEMORY
Definition: d3dkmdt.h:51
STATUS_NOT_IMPLEMENTED
#define STATUS_NOT_IMPLEMENTED
Definition: d3dkmdt.h:42
Name
LPWSTR Name
Definition: desk.c:124
NULL
#define NULL
Definition: types.h:112
TRUE
#define TRUE
Definition: types.h:120
FALSE
#define FALSE
Definition: types.h:117
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:33
RTL_CONSTANT_STRING
#define RTL_CONSTANT_STRING(s)
Definition: combase.c:35
DLL_PROCESS_DETACH
#define DLL_PROCESS_DETACH
Definition: compat.h:130
RtlImageDirectoryEntryToData
#define RtlImageDirectoryEntryToData
Definition: compat.h:809
RtlImageRvaToVa
#define RtlImageRvaToVa
Definition: compat.h:807
RtlImageNtHeader
#define RtlImageNtHeader
Definition: compat.h:806
MAX_PATH
#define MAX_PATH
Definition: compat.h:34
Peb
PPEB Peb
Definition: dllmain.c:27
strrchr
_ACRTIMP char *__cdecl strrchr(const char *, int)
Definition: string.c:3303
AnsiString
@ AnsiString
Definition: dnslib.h:19
DPFLTR_LDR_ID
@ DPFLTR_LDR_ID
Definition: dpfilter.h:113
L
#define L(x)
Definition: resources.c:13
__FUNCTION__
#define __FUNCTION__
Definition: types.h:116
ULONG_PTR
#define ULONG_PTR
Definition: config.h:101
RemoveEntryList
#define RemoveEntryList(Entry)
Definition: env_spec_w32.h:986
InsertTailList
#define InsertTailList(ListHead, Entry)
Definition: env_spec_w32.h:1003
InitializeListHead
#define InitializeListHead(ListHead)
Definition: env_spec_w32.h:944
ProcessId
IN PLARGE_INTEGER IN PLARGE_INTEGER PEPROCESS ProcessId
Definition: fatprocs.h:2712
FileHandle
_Must_inspect_result_ _In_opt_ PFLT_INSTANCE _Out_ PHANDLE FileHandle
Definition: fltkernel.h:1231
Status
Status
Definition: gdiplustypes.h:24
p
GLfloat GLfloat p
Definition: glext.h:8902
Unknown
@ Unknown
Definition: i8042prt.h:114
FLG_HEAP_ENABLE_TAIL_CHECK
#define FLG_HEAP_ENABLE_TAIL_CHECK
Definition: pstypes.h:55
EXCEPTION_EXECUTE_HANDLER
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:90
NtCurrentTeb
#define NtCurrentTeb
Definition: iphlpapi_private.h:4
ModuleListHead
LIST_ENTRY * ModuleListHead
Definition: kdpacket.c:23
DbgPrintEx
#define DbgPrintEx(cmpid, lvl, fmt,...)
Definition: kdinit.c:24
StringBuffer
WCHAR StringBuffer[156]
Definition: ldrinit.c:41
LdrpLoaderLockAcquisitionCount
LONG LdrpLoaderLockAcquisitionCount
Definition: ldrapi.c:20
LdrGetDllHandle
NTSTATUS NTAPI LdrGetDllHandle(_In_opt_ PWSTR DllPath, _In_opt_ PULONG DllCharacteristics, _In_ PUNICODE_STRING DllName, _Out_ PVOID *DllHandle)
Definition: ldrapi.c:770
LdrUnloadDll
NTSTATUS NTAPI LdrUnloadDll(_In_ PVOID BaseAddress)
Definition: ldrapi.c:1305
LdrAccessOutOfProcessResource
NTSTATUS NTAPI LdrAccessOutOfProcessResource(IN PVOID Unknown, IN PVOID Image, IN PVOID Unknown1, IN PVOID Unknown2, IN PVOID Unknown3)
Definition: ldrapi.c:61
LdrFindCreateProcessManifest
NTSTATUS NTAPI LdrFindCreateProcessManifest(IN ULONG Flags, IN PVOID Image, IN PVOID IdPath, IN ULONG IdPathLength, IN PVOID OutDataEntry)
Definition: ldrapi.c:30
LdrQueryProcessModuleInformationEx
NTSTATUS NTAPI LdrQueryProcessModuleInformationEx(_In_opt_ ULONG ProcessId, _Reserved_ ULONG Reserved, _Out_writes_bytes_to_(Size, *ReturnedSize) PRTL_PROCESS_MODULES ModuleInformation, _In_ ULONG Size, _Out_opt_ PULONG ReturnedSize)
Definition: ldrapi.c:961
LdrLoadAlternateResourceModule
NTSTATUS NTAPI LdrLoadAlternateResourceModule(_In_ PVOID Module, _In_ PWSTR Buffer)
Definition: ldrapi.c:1598
LdrVerifyImageMatchesChecksum
NTSTATUS NTAPI LdrVerifyImageMatchesChecksum(_In_ HANDLE FileHandle, _In_ PLDR_CALLBACK Callback, _In_ PVOID CallbackContext, _Out_ PUSHORT ImageCharacteristics)
Definition: ldrapi.c:818
LdrApiDefaultExtension
UNICODE_STRING LdrApiDefaultExtension
Definition: ldrapi.c:22
LdrSetDllManifestProber
VOID NTAPI LdrSetDllManifestProber(_In_ PLDR_MANIFEST_PROBER_ROUTINE Routine)
Definition: ldrapi.c:73
LdrDisableThreadCalloutsForDll
NTSTATUS NTAPI LdrDisableThreadCalloutsForDll(_In_ PVOID BaseAddress)
Definition: ldrapi.c:1168
LdrInitShimEngineDynamic
BOOLEAN NTAPI LdrInitShimEngineDynamic(IN PVOID BaseAddress)
Definition: ldrapi.c:1663
LdrUnlockLoaderLock
NTSTATUS NTAPI LdrUnlockLoaderLock(_In_ ULONG Flags, _In_opt_ ULONG_PTR Cookie)
Definition: ldrapi.c:101
LdrpManifestProberRoutine
PLDR_MANIFEST_PROBER_ROUTINE LdrpManifestProberRoutine
Definition: ldrpe.c:18
LdrpBreakOnRecursiveDllLoads
BOOLEAN LdrpBreakOnRecursiveDllLoads
Definition: ldrapi.c:21
LdrGetDllHandleEx
NTSTATUS NTAPI LdrGetDllHandleEx(_In_ ULONG Flags, _In_opt_ PWSTR DllPath, _In_opt_ PULONG DllCharacteristics, _In_ PUNICODE_STRING DllName, _Out_opt_ PVOID *DllHandle)
Definition: ldrapi.c:505
LdrProcessRelocationBlock
PIMAGE_BASE_RELOCATION NTAPI LdrProcessRelocationBlock(_In_ ULONG_PTR Address, _In_ ULONG Count, _In_ PUSHORT TypeOffset, _In_ LONG_PTR Delta)
Definition: ldrapi.c:1584
LdrLoadDll
NTSTATUS NTAPI DECLSPEC_HOTPATCH LdrLoadDll(_In_opt_ PWSTR SearchPath, _In_opt_ PULONG DllCharacteristics, _In_ PUNICODE_STRING DllName, _Out_ PVOID *BaseAddress)
Definition: ldrapi.c:312
LdrGetProcedureAddressEx
NTSTATUS NTAPI LdrGetProcedureAddressEx(_In_ PVOID BaseAddress, _In_opt_ _When_(Ordinal==0, _Notnull_) PANSI_STRING Name, _In_opt_ _When_(Name==NULL, _In_range_(>, 0)) ULONG Ordinal, _Out_ PVOID *ProcedureAddress, _In_ ULONG Flags)
Definition: ldrapi.c:801
LdrpUnloadHead
LIST_ENTRY LdrpUnloadHead
Definition: ldrapi.c:19
LdrCreateOutOfProcessImage
NTSTATUS NTAPI LdrCreateOutOfProcessImage(IN ULONG Flags, IN HANDLE ProcessHandle, IN HANDLE DllHandle, IN PVOID Unknown3)
Definition: ldrapi.c:50
LdrFlushAlternateResourceModules
BOOLEAN NTAPI LdrFlushAlternateResourceModules(VOID)
Definition: ldrapi.c:1640
LdrQueryProcessModuleInformation
NTSTATUS NTAPI LdrQueryProcessModuleInformation(_Out_writes_bytes_to_(Size, *ReturnedSize) PRTL_PROCESS_MODULES ModuleInformation, _In_ ULONG Size, _Out_opt_ PULONG ReturnedSize)
Definition: ldrapi.c:1090
LdrDestroyOutOfProcessImage
NTSTATUS NTAPI LdrDestroyOutOfProcessImage(IN PVOID Image)
Definition: ldrapi.c:42
LdrLockLoaderLock
NTSTATUS NTAPI LdrLockLoaderLock(_In_ ULONG Flags, _Out_opt_ PULONG Disposition, _Out_opt_ PULONG_PTR Cookie)
Definition: ldrapi.c:174
LdrpShowRecursiveLoads
BOOLEAN LdrpShowRecursiveLoads
Definition: ldrapi.c:21
AlternateResourceModuleCount
ULONG AlternateResourceModuleCount
Definition: ldrapi.c:23
LdrAddRefDll
NTSTATUS NTAPI LdrAddRefDll(_In_ ULONG Flags, _In_ PVOID BaseAddress)
Definition: ldrapi.c:1219
LdrUnloadAlternateResourceModule
BOOLEAN NTAPI LdrUnloadAlternateResourceModule(_In_ PVOID BaseAddress)
Definition: ldrapi.c:1614
LdrpMakeCookie
FORCEINLINE ULONG_PTR LdrpMakeCookie(VOID)
Definition: ldrapi.c:89
LdrFindEntryForAddress
NTSTATUS NTAPI LdrFindEntryForAddress(_In_ PVOID Address, _Out_ PLDR_DATA_TABLE_ENTRY *Module)
Definition: ldrapi.c:425
LdrGetProcedureAddress
NTSTATUS NTAPI LdrGetProcedureAddress(_In_ PVOID BaseAddress, _In_opt_ _When_(Ordinal==0, _Notnull_) PANSI_STRING Name, _In_opt_ _When_(Name==NULL, _In_range_(>, 0)) ULONG Ordinal, _Out_ PVOID *ProcedureAddress)
Definition: ldrapi.c:789
LdrEnumerateLoadedModules
NTSTATUS NTAPI LdrEnumerateLoadedModules(_Reserved_ ULONG ReservedFlag, _In_ PLDR_ENUM_CALLBACK EnumProc, _In_opt_ PVOID Context)
Definition: ldrapi.c:1104
LdrAlternateResourcesEnabled
BOOLEAN NTAPI LdrAlternateResourcesEnabled(VOID)
Definition: ldrapi.c:81
LdrSetAppCompatDllRedirectionCallback
NTSTATUS NTAPI LdrSetAppCompatDllRedirectionCallback(_In_ ULONG Flags, _In_ PLDR_APP_COMPAT_DLL_REDIRECTION_CALLBACK_FUNCTION CallbackFunction, _In_opt_ PVOID CallbackData)
Definition: ldrapi.c:1652
LdrProcessRelocationBlockLongLong
PIMAGE_BASE_RELOCATION NTAPI LdrProcessRelocationBlockLongLong(_In_ ULONG_PTR Address, _In_ ULONG Count, _In_ PUSHORT TypeOffset, _In_ LONGLONG Delta)
LDR_GET_PROCEDURE_ADDRESS_DONT_RECORD_FORWARDER
#define LDR_GET_PROCEDURE_ADDRESS_DONT_RECORD_FORWARDER
Definition: ldrfuncs.h:101
LdrVerifyMappedImageMatchesChecksum
BOOLEAN NTAPI LdrVerifyMappedImageMatchesChecksum(_In_ PVOID BaseAddress, _In_ SIZE_T NumberOfBytes, _In_ ULONG FileLength)
LDR_LOCK_LOADER_LOCK_DISPOSITION_LOCK_NOT_ACQUIRED
#define LDR_LOCK_LOADER_LOCK_DISPOSITION_LOCK_NOT_ACQUIRED
Definition: ldrtypes.h:97
LDR_GET_DLL_HANDLE_EX_UNCHANGED_REFCOUNT
#define LDR_GET_DLL_HANDLE_EX_UNCHANGED_REFCOUNT
Definition: ldrtypes.h:91
LDR_DLL_NOTIFICATION_REASON_UNLOADED
#define LDR_DLL_NOTIFICATION_REASON_UNLOADED
Definition: ldrtypes.h:204
LDRP_REDIRECTED
#define LDRP_REDIRECTED
Definition: ldrtypes.h:62
Stop
_In_opt_ PVOID _Out_ BOOLEAN * Stop
Definition: ldrtypes.h:258
LDR_LOCK_LOADER_LOCK_FLAG_RAISE_ON_ERRORS
#define LDR_LOCK_LOADER_LOCK_FLAG_RAISE_ON_ERRORS
Definition: ldrtypes.h:80
LDR_ADDREF_DLL_PIN
#define LDR_ADDREF_DLL_PIN
Definition: ldrtypes.h:75
LDR_COR_OWNS_UNMAP
#define LDR_COR_OWNS_UNMAP
Definition: ldrtypes.h:57
LDR_GET_DLL_HANDLE_EX_PIN
#define LDR_GET_DLL_HANDLE_EX_PIN
Definition: ldrtypes.h:92
ActCtx
_In_ PCWSTR _Out_ PVOID * ActCtx
Definition: ldrtypes.h:264
LDRP_DONT_CALL_FOR_THREADS
#define LDRP_DONT_CALL_FOR_THREADS
Definition: ldrtypes.h:52
LDR_LOCK_LOADER_LOCK_FLAG_TRY_ONLY
#define LDR_LOCK_LOADER_LOCK_FLAG_TRY_ONLY
Definition: ldrtypes.h:81
LDR_LOCK_LOADER_LOCK_DISPOSITION_INVALID
#define LDR_LOCK_LOADER_LOCK_DISPOSITION_INVALID
Definition: ldrtypes.h:95
LDR_LOCK_LOADER_LOCK_DISPOSITION_LOCK_ACQUIRED
#define LDR_LOCK_LOADER_LOCK_DISPOSITION_LOCK_ACQUIRED
Definition: ldrtypes.h:96
PLDR_MANIFEST_PROBER_ROUTINE
LDR_MANIFEST_PROBER_ROUTINE * PLDR_MANIFEST_PROBER_ROUTINE
Definition: ldrtypes.h:265
LDRP_IMAGE_DLL
#define LDRP_IMAGE_DLL
Definition: ldrtypes.h:39
LDR_UNLOCK_LOADER_LOCK_FLAG_RAISE_ON_ERRORS
#define LDR_UNLOCK_LOADER_LOCK_FLAG_RAISE_ON_ERRORS
Definition: ldrtypes.h:86
LDRP_PROCESS_ATTACH_CALLED
#define LDRP_PROCESS_ATTACH_CALLED
Definition: ldrtypes.h:53
PLDR_ENUM_CALLBACK
LDR_ENUM_CALLBACK * PLDR_ENUM_CALLBACK
Definition: ldrtypes.h:259
LdrpGetShimEngineInterface
VOID NTAPI LdrpGetShimEngineInterface()
Definition: ldrutils.c:2706
if
if(dx< 0)
Definition: linetemp.h:194
FileStandardInfo
@ FileStandardInfo
Definition: minwinbase.h:305
ASSERT
#define ASSERT(a)
Definition: mode.c:44
DllPath
static const char const char * DllPath
Definition: image.c:34
LONG_PTR
__int3264 LONG_PTR
Definition: mstsclib_h.h:276
Disposition
_In_ ACCESS_MASK _In_ POBJECT_ATTRIBUTES _Reserved_ ULONG _In_opt_ PUNICODE_STRING _In_ ULONG _Out_opt_ PULONG Disposition
Definition: cmfuncs.h:56
DPFLTR_WARNING_LEVEL
#define DPFLTR_WARNING_LEVEL
Definition: kdtypes.h:31
ProcessHandle
_In_ HANDLE ProcessHandle
Definition: mmfuncs.h:403
BaseAddress
_In_ HANDLE _Outptr_result_bytebuffer_ ViewSize _Pre_valid_ PVOID * BaseAddress
Definition: mmfuncs.h:404
ViewSize
_In_ HANDLE _Outptr_result_bytebuffer_ ViewSize _Pre_valid_ PVOID _In_ ULONG_PTR _In_ SIZE_T _Inout_opt_ PLARGE_INTEGER _Inout_ PSIZE_T ViewSize
Definition: mmfuncs.h:408
SEC_COMMIT
#define SEC_COMMIT
Definition: mmtypes.h:100
RtlEnterCriticalSection
NTSYSAPI NTSTATUS NTAPI RtlEnterCriticalSection(_In_ PRTL_CRITICAL_SECTION CriticalSection)
RtlTryEnterCriticalSection
NTSYSAPI LOGICAL NTAPI RtlTryEnterCriticalSection(_In_ PRTL_CRITICAL_SECTION CriticalSection)
RtlLeaveCriticalSection
NTSYSAPI NTSTATUS NTAPI RtlLeaveCriticalSection(_In_ PRTL_CRITICAL_SECTION CriticalSection)
RtlRaiseStatus
DECLSPEC_NORETURN NTSYSAPI VOID NTAPI RtlRaiseStatus(_In_ NTSTATUS Status)
RTL_PROCESS_MODULE_INFORMATION
struct _RTL_PROCESS_MODULE_INFORMATION RTL_PROCESS_MODULE_INFORMATION
RTL_CALLER_ALLOCATED_ACTIVATION_CONTEXT_STACK_FRAME_FORMAT_WHISTLER
#define RTL_CALLER_ALLOCATED_ACTIVATION_CONTEXT_STACK_FRAME_FORMAT_WHISTLER
Definition: rtltypes.h:101
Locked
_In_ PMEMORY_AREA _In_ PVOID _In_ BOOLEAN Locked
Definition: newmm.h:209
_Out_opt_
#define _Out_opt_
Definition: no_sal2.h:214
_Notnull_
#define _Notnull_
Definition: no_sal2.h:54
_Out_writes_bytes_to_
#define _Out_writes_bytes_to_(s, c)
Definition: no_sal2.h:190
_Out_
#define _Out_
Definition: no_sal2.h:160
_In_
#define _In_
Definition: no_sal2.h:158
_In_opt_
#define _In_opt_
Definition: no_sal2.h:212
_Reserved_
#define _Reserved_
Definition: no_sal2.h:504
_In_range_
#define _In_range_(l, h)
Definition: no_sal2.h:368
_When_
#define _When_(c, a)
Definition: no_sal2.h:38
Count
int Count
Definition: noreturn.cpp:7
RtlCopyUnicodeString
NTSYSAPI VOID NTAPI RtlCopyUnicodeString(PUNICODE_STRING DestinationString, PUNICODE_STRING SourceString)
SECTION_MAP_EXECUTE
#define SECTION_MAP_EXECUTE
Definition: nt_native.h:1293
RtlUnicodeStringToAnsiString
NTSYSAPI NTSTATUS NTAPI RtlUnicodeStringToAnsiString(PANSI_STRING DestinationString, PUNICODE_STRING SourceString, BOOLEAN AllocateDestinationString)
RtlAppendUnicodeStringToString
NTSYSAPI NTSTATUS NTAPI RtlAppendUnicodeStringToString(PUNICODE_STRING Destination, PUNICODE_STRING Source)
PAGE_EXECUTE
#define PAGE_EXECUTE
Definition: nt_native.h:1309
RtlEqualUnicodeString
NTSYSAPI BOOLEAN NTAPI RtlEqualUnicodeString(PUNICODE_STRING String1, PUNICODE_STRING String2, BOOLEAN CaseInSensitive)
NtCurrentProcess
#define NtCurrentProcess()
Definition: nt_native.h:1660
NtQueryInformationFile
NTSYSAPI NTSTATUS NTAPI NtQueryInformationFile(IN HANDLE hFile, OUT PIO_STATUS_BLOCK pIoStatusBlock, OUT PVOID FileInformationBuffer, IN ULONG FileInformationBufferLength, IN FILE_INFORMATION_CLASS FileInfoClass)
ViewShare
@ ViewShare
Definition: nt_native.h:1281
NtClose
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
Definition: obhandle.c:3402
RtlFreeUnicodeString
NTSYSAPI VOID NTAPI RtlFreeUnicodeString(PUNICODE_STRING UnicodeString)
UNICODE_NULL
#define UNICODE_NULL
UNICODE_STRING_MAX_BYTES
#define UNICODE_STRING_MAX_BYTES
ANSI_NULL
#define ANSI_NULL
Length
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:102
IoStatusBlock
static OUT PIO_STATUS_BLOCK IoStatusBlock
Definition: pipe.c:100
LdrpInLdrInit
BOOLEAN LdrpInLdrInit
Definition: ldrinit.c:30
LdrpApplyFileNameRedirection
NTSYSAPI NTSTATUS NTAPI LdrpApplyFileNameRedirection(_In_ PUNICODE_STRING OriginalName, _In_ PUNICODE_STRING Extension, _Inout_opt_ PUNICODE_STRING StaticString, _Inout_opt_ PUNICODE_STRING DynamicString, _Inout_ PUNICODE_STRING *NewName, _Inout_ PBOOLEAN RedirectedDll)
LdrpShutdownInProgress
BOOLEAN LdrpShutdownInProgress
Definition: ldrinit.c:34
LdrpCheckForLoadedDllHandle
BOOLEAN NTAPI LdrpCheckForLoadedDllHandle(IN PVOID Base, OUT PLDR_DATA_TABLE_ENTRY *LdrEntry)
Definition: ldrutils.c:1600
LdrpLoadDll
NTSTATUS NTAPI LdrpLoadDll(IN BOOLEAN Redirected, IN PWSTR DllPath OPTIONAL, IN PULONG DllCharacteristics OPTIONAL, IN PUNICODE_STRING DllName, OUT PVOID *BaseAddress, IN BOOLEAN CallInit)
Definition: ldrutils.c:2423
g_pShimEngineModule
PVOID g_pShimEngineModule
Definition: ldrutils.c:22
LdrpUpdateLoadCount2
VOID NTAPI LdrpUpdateLoadCount2(IN PLDR_DATA_TABLE_ENTRY LdrEntry, IN ULONG Flags)
Definition: ldrutils.c:434
LDRP_UPDATE_DEREFCOUNT
#define LDRP_UPDATE_DEREFCOUNT
Definition: ntdllp.h:16
LdrpCurrentDllInitializer
PLDR_DATA_TABLE_ENTRY LdrpCurrentDllInitializer
Definition: ldrinit.c:43
LdrpActiveUnloadCount
ULONG LdrpActiveUnloadCount
Definition: ldrinit.c:82
LdrpFinalizeAndDeallocateDataTableEntry
VOID NTAPI LdrpFinalizeAndDeallocateDataTableEntry(IN PLDR_DATA_TABLE_ENTRY Entry)
Definition: ldrutils.c:1577
PLDR_APP_COMPAT_DLL_REDIRECTION_CALLBACK_FUNCTION
NTSTATUS(NTAPI * PLDR_APP_COMPAT_DLL_REDIRECTION_CALLBACK_FUNCTION)(_In_ ULONG Flags, _In_ PCWSTR DllName, _In_ PCWSTR DllPath OPTIONAL, _Inout_opt_ PULONG DllCharacteristics, _In_ PVOID CallbackData, _Outptr_ PWSTR *EffectiveDllPath)
Definition: ntdllp.h:34
LdrpGetModuleHandleCache
PLDR_DATA_TABLE_ENTRY LdrpGetModuleHandleCache
Definition: ldrutils.c:19
LdrpGetProcedureAddress
NTSTATUS NTAPI LdrpGetProcedureAddress(_In_ PVOID BaseAddress, _In_opt_ _When_(Ordinal==0, _Notnull_) PANSI_STRING Name, _In_opt_ _When_(Name==NULL, _In_range_(>, 0)) ULONG Ordinal, _Out_ PVOID *ProcedureAddress, _In_ BOOLEAN ExecuteInit)
Definition: ldrutils.c:2231
LdrpCheckForLoadedDll
BOOLEAN NTAPI LdrpCheckForLoadedDll(IN PWSTR DllPath, IN PUNICODE_STRING DllName, IN BOOLEAN Flag, IN BOOLEAN RedirectedDll, OUT PLDR_DATA_TABLE_ENTRY *LdrEntry)
Definition: ldrutils.c:1958
LdrpCallInitRoutine
BOOLEAN NTAPI LdrpCallInitRoutine(IN PDLL_INIT_ROUTINE EntryPoint, IN PVOID BaseAddress, IN ULONG Reason, IN PVOID Context)
Definition: ldrutils.c:100
AVrfDllUnloadNotification
VOID NTAPI AVrfDllUnloadNotification(IN PLDR_DATA_TABLE_ENTRY LdrEntry)
Definition: verifier.c:332
ShowSnaps
BOOLEAN ShowSnaps
Definition: ldrinit.c:79
LDRP_UPDATE_PIN
#define LDRP_UPDATE_PIN
Definition: ntdllp.h:17
LdrpSendDllNotifications
VOID NTAPI LdrpSendDllNotifications(_In_ PLDR_DATA_TABLE_ENTRY DllEntry, _In_ ULONG NotificationReason)
Definition: ldrnotify.c:104
LdrpRecordUnloadEvent
VOID NTAPI LdrpRecordUnloadEvent(_In_ PLDR_DATA_TABLE_ENTRY LdrEntry)
Definition: trace.c:28
g_ShimsEnabled
BOOLEAN g_ShimsEnabled
Definition: ldrutils.c:21
LdrpLoaderLock
RTL_CRITICAL_SECTION LdrpLoaderLock
Definition: ldrinit.c:68
LDRP_UPDATE_REFCOUNT
#define LDRP_UPDATE_REFCOUNT
Definition: ntdllp.h:15
LdrpTopLevelDllBeingLoaded
PUNICODE_STRING LdrpTopLevelDllBeingLoaded
Definition: ldrinit.c:40
LdrpClearLoadInProgress
ULONG NTAPI LdrpClearLoadInProgress(VOID)
Definition: ldrutils.c:2658
g_pfnSE_DllUnloaded
PVOID g_pfnSE_DllUnloaded
Definition: ldrutils.c:24
LdrpLoadedDllHandleCache
PLDR_DATA_TABLE_ENTRY LdrpLoadedDllHandleCache
Definition: ntdllp.h:59
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR
#define IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR
Definition: ntimage.h:489
STATUS_INTERNAL_ERROR
#define STATUS_INTERNAL_ERROR
Definition: ntstatus.h:559
STATUS_IMAGE_CHECKSUM_MISMATCH
#define STATUS_IMAGE_CHECKSUM_MISMATCH
Definition: ntstatus.h:799
STATUS_DLL_NOT_FOUND
#define STATUS_DLL_NOT_FOUND
Definition: ntstatus.h:639
STATUS_MUI_FILE_NOT_FOUND
#define STATUS_MUI_FILE_NOT_FOUND
Definition: ntstatus.h:1724
STATUS_INVALID_PARAMETER_2
#define STATUS_INVALID_PARAMETER_2
Definition: ntstatus.h:570
STATUS_NO_MORE_ENTRIES
#define STATUS_NO_MORE_ENTRIES
Definition: ntstatus.h:285
STATUS_DLL_INIT_FAILED
#define STATUS_DLL_INIT_FAILED
Definition: ntstatus.h:652
STATUS_INVALID_PARAMETER_1
#define STATUS_INVALID_PARAMETER_1
Definition: ntstatus.h:569
STATUS_INVALID_PARAMETER_3
#define STATUS_INVALID_PARAMETER_3
Definition: ntstatus.h:571
STATUS_NAME_TOO_LONG
#define STATUS_NAME_TOO_LONG
Definition: ntstatus.h:592
IMAGE_DIRECTORY_ENTRY_IMPORT
#define IMAGE_DIRECTORY_ENTRY_IMPORT
Definition: pedump.c:260
WCHAR
short WCHAR
Definition: pedump.c:58
LONG
long LONG
Definition: pedump.c:60
Address
static WCHAR Address[46]
Definition: ping.c:68
_SEH2_GetExceptionCode
#define _SEH2_GetExceptionCode()
Definition: pseh2_64.h:204
_SEH2_EXCEPT
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:104
_SEH2_FINALLY
#define _SEH2_FINALLY
Definition: pseh2_64.h:153
_SEH2_END
#define _SEH2_END
Definition: pseh2_64.h:194
_SEH2_TRY
#define _SEH2_TRY
Definition: pseh2_64.h:93
_InterlockedIncrement
long __cdecl _InterlockedIncrement(_Interlocked_operand_ long volatile *_Addend)
RtlDecodeSystemPointer
PVOID NTAPI RtlDecodeSystemPointer(IN PVOID Pointer)
Definition: process.c:439
Entry
Entry
Definition: section.c:5216
FileStandardInformation
#define FileStandardInformation
Definition: propsheet.cpp:61
STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65
SE_DllUnloaded
VOID WINAPI SE_DllUnloaded(PLDR_DATA_TABLE_ENTRY LdrEntry)
Definition: shimeng.c:1498
DPRINT
#define DPRINT
Definition: sndvol32.h:73
Context
_In_ PVOID Context
Definition: storport.h:2269
_ANSI_STRING
Definition: env_spec_w32.h:375
_CLIENT_ID::UniqueThread
HANDLE UniqueThread
Definition: compat.h:826
_CLIENT_ID::UniqueProcess
HANDLE UniqueProcess
Definition: compat.h:825
_FILE_STANDARD_INFORMATION
Definition: propsheet.cpp:53
_IMAGE_BASE_RELOCATION
Definition: ntimage.h:162
_IMAGE_FILE_HEADER::Characteristics
WORD Characteristics
Definition: ntddk_ex.h:128
_IMAGE_IMPORT_DESCRIPTOR
Definition: ntimage.h:572
_IMAGE_IMPORT_DESCRIPTOR::Name
ULONG Name
Definition: ntimage.h:579
_IMAGE_NT_HEADERS
Definition: ntddk_ex.h:181
_IMAGE_NT_HEADERS::OptionalHeader
IMAGE_OPTIONAL_HEADER32 OptionalHeader
Definition: ntddk_ex.h:184
_IMAGE_NT_HEADERS::FileHeader
IMAGE_FILE_HEADER FileHeader
Definition: ntddk_ex.h:183
_IMAGE_OPTIONAL_HEADER::SizeOfImage
DWORD SizeOfImage
Definition: ntddk_ex.h:167
_IMAGE_SECTION_HEADER
Definition: pedump.c:280
_IO_STATUS_BLOCK
Definition: env_spec_w32.h:870
_LDR_DATA_TABLE_ENTRY
Definition: btrfs_drv.h:1876
_LDR_DATA_TABLE_ENTRY::EntryPointActivationContext
PACTIVATION_CONTEXT EntryPointActivationContext
Definition: ldrtypes.h:167
_LDR_DATA_TABLE_ENTRY::LoadCount
USHORT LoadCount
Definition: ntddk_ex.h:208
_LDR_DATA_TABLE_ENTRY::EntryPoint
PVOID EntryPoint
Definition: ntddk_ex.h:203
_LDR_DATA_TABLE_ENTRY::FullDllName
UNICODE_STRING FullDllName
Definition: btrfs_drv.h:1882
_LDR_DATA_TABLE_ENTRY::SizeOfImage
ULONG SizeOfImage
Definition: ldrtypes.h:147
_LDR_DATA_TABLE_ENTRY::InLoadOrderLinks
LIST_ENTRY InLoadOrderLinks
Definition: ldrtypes.h:142
_LDR_DATA_TABLE_ENTRY::InInitializationOrderLinks
LIST_ENTRY InInitializationOrderLinks
Definition: ldrtypes.h:144
_LDR_DATA_TABLE_ENTRY::DllBase
PVOID DllBase
Definition: btrfs_drv.h:1880
_LDR_DATA_TABLE_ENTRY::InMemoryOrderLinks
LIST_ENTRY InMemoryOrderLinks
Definition: btrfs_drv.h:1878
_LDR_DATA_TABLE_ENTRY::TlsIndex
USHORT TlsIndex
Definition: ntddk_ex.h:209
_LDR_DATA_TABLE_ENTRY::Flags
ULONG Flags
Definition: ntddk_ex.h:207
_LDR_DATA_TABLE_ENTRY::HashLinks
LIST_ENTRY HashLinks
Definition: ldrtypes.h:155
_LDR_DATA_TABLE_ENTRY::BaseDllName
UNICODE_STRING BaseDllName
Definition: ldrtypes.h:149
_LDR_DATA_TABLE_ENTRY::PatchInformation
PVOID PatchInformation
Definition: ldrtypes.h:168
_LIST_ENTRY
Definition: typedefs.h:120
_LIST_ENTRY::Blink
struct _LIST_ENTRY * Blink
Definition: typedefs.h:122
_LIST_ENTRY::Flink
struct _LIST_ENTRY * Flink
Definition: typedefs.h:121
_PEB_LDR_DATA
Definition: btrfs_drv.h:1892
_PEB_LDR_DATA::EntryInProgress
PVOID EntryInProgress
Definition: ldrtypes.h:127
_PEB_LDR_DATA::InInitializationOrderModuleList
LIST_ENTRY InInitializationOrderModuleList
Definition: ldrtypes.h:126
_PEB_LDR_DATA::InMemoryOrderModuleList
LIST_ENTRY InMemoryOrderModuleList
Definition: btrfs_drv.h:1895
_PEB
Definition: btrfs_drv.h:1907
_PEB::LoaderLock
PVOID LoaderLock
Definition: ntddk_ex.h:295
_PEB::Ldr
PPEB_LDR_DATA Ldr
Definition: btrfs_drv.h:1912
_PEB::NtGlobalFlag
ULONG NtGlobalFlag
Definition: ntddk_ex.h:270
_RTL_ACTIVATION_CONTEXT_STACK_FRAME
Definition: winternl.h:322
_RTL_PROCESS_MODULES
Definition: rtltypes.h:1010
_RTL_PROCESS_MODULE_INFORMATION
Definition: rtltypes.h:996
_RTL_PROCESS_MODULE_INFORMATION::Flags
ULONG Flags
Definition: rtltypes.h:1001
_RTL_PROCESS_MODULE_INFORMATION::ImageBase
PVOID ImageBase
Definition: rtltypes.h:999
_RTL_PROCESS_MODULE_INFORMATION::LoadCount
USHORT LoadCount
Definition: rtltypes.h:1004
_RTL_PROCESS_MODULE_INFORMATION::InitOrderIndex
USHORT InitOrderIndex
Definition: rtltypes.h:1003
_RTL_PROCESS_MODULE_INFORMATION::MappedBase
PVOID MappedBase
Definition: rtltypes.h:998
_RTL_PROCESS_MODULE_INFORMATION::OffsetToFileName
USHORT OffsetToFileName
Definition: rtltypes.h:1005
_RTL_PROCESS_MODULE_INFORMATION::FullPathName
CHAR FullPathName[256]
Definition: rtltypes.h:1006
_RTL_PROCESS_MODULE_INFORMATION::ImageSize
ULONG ImageSize
Definition: rtltypes.h:1000
_RTL_PROCESS_MODULE_INFORMATION::LoadOrderIndex
USHORT LoadOrderIndex
Definition: rtltypes.h:1002
_TEB
Definition: compat.h:836
_TEB::ClientId
CLIENT_ID ClientId
Definition: compat.h:839
_TEB::RealClientId
CLIENT_ID RealClientId
Definition: compat.h:861
_UNICODE_STRING
Definition: env_spec_w32.h:368
_UNICODE_STRING::Length
USHORT Length
Definition: env_spec_w32.h:369
_UNICODE_STRING::MaximumLength
USHORT MaximumLength
Definition: env_spec_w32.h:370
_UNICODE_STRING::Buffer
PWSTR Buffer
Definition: env_spec_w32.h:371
PWSTR
uint16_t * PWSTR
Definition: typedefs.h:56
PULONG_PTR
uint32_t * PULONG_PTR
Definition: typedefs.h:65
PULONG
uint32_t * PULONG
Definition: typedefs.h:59
FIELD_OFFSET
#define FIELD_OFFSET(t, f)
Definition: typedefs.h:255
NTAPI
#define NTAPI
Definition: typedefs.h:36
PVOID
void * PVOID
Definition: typedefs.h:50
SIZE_T
ULONG_PTR SIZE_T
Definition: typedefs.h:80
PUSHORT
uint16_t * PUSHORT
Definition: typedefs.h:56
RtlZeroMemory
#define RtlZeroMemory(Destination, Length)
Definition: typedefs.h:262
ULONG_PTR
uint32_t ULONG_PTR
Definition: typedefs.h:65
IN
#define IN
Definition: typedefs.h:39
PWCHAR
uint16_t * PWCHAR
Definition: typedefs.h:56
CONTAINING_RECORD
#define CONTAINING_RECORD(address, type, field)
Definition: typedefs.h:260
ULONG
uint32_t ULONG
Definition: typedefs.h:59
PCHAR
char * PCHAR
Definition: typedefs.h:51
STATUS_INVALID_PARAMETER
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
STATUS_NO_SUCH_FILE
#define STATUS_NO_SUCH_FILE
Definition: udferr_usr.h:137
STATUS_INFO_LENGTH_MISMATCH
#define STATUS_INFO_LENGTH_MISMATCH
Definition: udferr_usr.h:133
STATUS_OBJECT_NAME_NOT_FOUND
#define STATUS_OBJECT_NAME_NOT_FOUND
Definition: udferr_usr.h:149
PLDR_CALLBACK
VOID(NTAPI * PLDR_CALLBACK)(PVOID CallbackContext, PCHAR Name)
Definition: umfuncs.h:217
Size
_Must_inspect_result_ _In_ WDFDEVICE _In_ PWDF_DEVICE_PROPERTY_DATA _In_ DEVPROPTYPE _In_ ULONG Size
Definition: wdfdevice.h:4539
Callback
_In_ WDFINTERRUPT _In_ PFN_WDF_INTERRUPT_SYNCHRONIZE Callback
Definition: wdfinterrupt.h:458
FORCEINLINE
#define FORCEINLINE
Definition: wdftypes.h:67
SearchPath
#define SearchPath
Definition: winbase.h:3621
Reserved
_Reserved_ PVOID Reserved
Definition: winddi.h:3974
RtlDllShutdownInProgress
NTSYSAPI BOOLEAN WINAPI RtlDllShutdownInProgress(void)
Definition: ldrapi.c:1573
CallbackContext
_IRQL_requires_same_ typedef _In_ ULONG _In_ UCHAR _In_ ULONGLONG _In_ ULONGLONG _In_opt_ PEVENT_FILTER_DESCRIPTOR _Inout_opt_ PVOID CallbackContext
Definition: wmitypes.h:60
Result
_At_(*)(_In_ PWSK_CLIENT Client, _In_opt_ PUNICODE_STRING NodeName, _In_opt_ PUNICODE_STRING ServiceName, _In_opt_ ULONG NameSpace, _In_opt_ GUID *Provider, _In_opt_ PADDRINFOEXW Hints, _Outptr_ PADDRINFOEXW *Result, _In_opt_ PEPROCESS OwningProcess, _In_opt_ PETHREAD OwningThread, _Inout_ PIRP Irp Result)(Mem)) NTSTATUS(WSKAPI *PFN_WSK_GET_ADDRESS_INFO
Definition: wsk.h:409
Flags
_Must_inspect_result_ _In_ ULONG Flags
Definition: wsk.h:170
Cookie
_In_opt_ PVOID _Out_ PLARGE_INTEGER Cookie
Definition: cmfuncs.h:14
CallbackFunction
_In_ PCALLBACK_FUNCTION CallbackFunction
Definition: exfuncs.h:1034